Transcript Disaster Recovery Plan
Slide 1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
[Diagram labels: Threats, Controls, Vulnerabilities, Risks, Security Arrangements, Assets, Asset Value, Potential Impact on Business]
Risk Analysis
A prerequisite to a complete and meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling and minimizing or eliminating risks
that may affect information systems, at an acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
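Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Table values (row and column positions not recoverable from the transcript): 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk rankings listed: High, Moderate, Very High, Low, Very Low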
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
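An added example, not part of the original slides: it scores a recovery drill against the figures from the "Outage Impact & Allowable Outage Times" and "Develop Recovery Priorities" slides, restoring resources one after another in priority order. The drill timings, the start delay and all function names are constructed for illustration.

```python
from dataclasses import dataclass

# Resource -> (allowable outage time, recovery priority), taken from the
# "Outage Impact & Allowable Outage Times" and "Develop Recovery Priorities" slides.
BIA = {
    "Authentication Server": ("8 hours", "High"),
    "Database Server": ("8 hours", "High"),
    "5 Desktop Computers": ("8 hours", "High"),
    "Hub": ("8 hours", "High"),
    "E-mail Server": ("2 days", "Medium"),
    "Printer": ("4 days", "Medium"),
}

# Constructed drill data (not from the slides): hours of work needed to restore
# each resource, and the delay before recovery work starts.
DRILL_RESTORE_HOURS = {
    "Authentication Server": 1.5,
    "Database Server": 3.0,
    "5 Desktop Computers": 1.0,
    "Hub": 1.0,
    "E-mail Server": 4.0,
    "Printer": 0.5,
}
DRILL_START_DELAY_H = 2.0

PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}
UNIT_HOURS = {"hour": 1, "hours": 1, "day": 24, "days": 24}


def parse_outage(text):
    """Convert '8 hours' or '2 days' into hours; reject anything else."""
    parts = text.split()
    if len(parts) != 2 or not parts[0].isdigit() or parts[1].lower() not in UNIT_HOURS:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(parts[0]) * UNIT_HOURS[parts[1].lower()]


def restore_order(bia):
    """Highest priority first, then shortest allowable outage.
    sorted() is stable, so ties keep the order listed in the BIA."""
    return sorted(bia, key=lambda r: (PRIORITY_RANK[bia[r][1]], parse_outage(bia[r][0])))


@dataclass
class Result:
    resource: str
    restored_at_h: float  # hours after the disruption when the resource is back
    allowed_h: int        # allowable outage time from the BIA, in hours
    breached: bool


def score_drill(bia, restore_hours, start_delay_h=0.0):
    """Restore sequentially (a single recovery team is assumed) and flag every
    resource that comes back later than its allowable outage time."""
    missing = set(bia) - set(restore_hours)
    if missing:
        raise KeyError(f"no drill timing for: {sorted(missing)}")
    clock = start_delay_h
    results = []
    for resource in restore_order(bia):
        clock += restore_hours[resource]
        allowed = parse_outage(bia[resource][0])
        results.append(Result(resource, clock, allowed, clock > allowed))
    return results


def breaches(results):
    """Names of the resources that missed their allowable outage time."""
    return [r.resource for r in results if r.breached]


if __name__ == "__main__":
    for r in score_drill(BIA, DRILL_RESTORE_HOURS, DRILL_START_DELAY_H):
        flag = "BREACH" if r.breached else "ok"
        print(f"{r.resource:<24} back at {r.restored_at_h:5.1f} h "
              f"(allowed {r.allowed_h:3d} h)  {flag}")
```

In the constructed drill the Hub takes only one hour to restore but still misses its 8-hour limit, because the start delay and the three restores queued ahead of it consume the allowance.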
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection
and continuity of operations
for the health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
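Added example (not part of the original slides): a small in-memory model of the RAID-5 technique described above, block-level striping with distributed XOR parity, showing that any one lost disk can be recomputed from the survivors. The 4-byte block size, the parity rotation order, the function names and the sample record are assumptions made for illustration; usable_capacity applies the slides' capacity formulas, and using the smallest drive for RAID-0 and RAID-1 with unequal drives is also an assumption.

```python
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy size (the slides' figures use 16 kiB)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Return one list of blocks per disk, holding data blocks plus rotating parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(blocks)
        p = parity_disk_for(stripe, n_disks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the surviving disks.

    Works for data and parity blocks alike, because the XOR of all blocks in a
    stripe (parity included) is zero. The entry at index `failed` is never read.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


# level: (minimum disks, drives' worth of space spent on redundancy), per the slides
LEVELS = {"RAID-0": (2, 0), "RAID-1": (2, 1), "RAID-3": (3, 1),
          "RAID-4": (3, 1), "RAID-5": (3, 1), "RAID-6": (4, 2)}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - redundancy)."""
    minimum, redundant = LEVELS[level]
    n = len(drive_sizes)
    if n < minimum or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return min(drive_sizes) * (n - redundant)


def recover_after_single_failure(data, n_disks, failed):
    """Write data, lose one disk, rebuild it, and return what is read back."""
    disks = write_raid5(data, n_disks)
    damaged = [None if i == failed else d for i, d in enumerate(disks)]
    damaged[failed] = rebuild_disk(damaged, failed)
    return read_raid5(damaged, len(data))


if __name__ == "__main__":
    record = b"LEDGER: constructed sample accounting record"  # constructed input
    for lost in range(4):
        assert recover_after_single_failure(record, 4, lost) == record
    print("4 x 500 GB RAID-5:", usable_capacity("RAID-5", [500] * 4), "GB usable")
    print("4 x 500 GB RAID-6:", usable_capacity("RAID-6", [500] * 4), "GB usable")
```

The same XOR rebuild cannot recover two disks lost at once; that case is why RAID-6 carries dual parity at the cost of one more drive's capacity.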
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 2
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
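The parity and RAID-5 slides above can be made concrete with a small simulation. The following is an added example, not part of the original deck: it stripes data in blocks across the disks with a rotating XOR parity block, rebuilds a failed disk from the survivors, and applies the slides' array-capacity formula. The function names, the 4-byte block size and the parity rotation order are assumptions chosen for illustration.

```python
"""Toy RAID-5: block-level striping with distributed (rotating) XOR parity.

Illustrative only: block size, rotation order and names are assumptions,
not taken from any real controller.
"""
from functools import reduce

BLOCK = 4  # bytes per block (tiny on purpose so stripes are easy to inspect)


def xor_blocks(blocks):
    """Return the byte-wise XOR of equal-length blocks (the parity block)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk index that holds parity for a stripe; it rotates stripe by stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks):
    """Stripe data over n_disks; each disk is a list of blocks, one per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk as the XOR of the survivors."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks([disk[s] for disk in survivors])
            for s in range(len(survivors[0]))]


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives), as on the slides."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    record = b"ledger: 2024 accounts payable"  # constructed sample data
    array = raid5_write(record, n_disks=4)
    lost = array[2]
    array[2] = raid5_rebuild(array, failed=2)
    print("rebuilt disk matches lost disk:", array[2] == lost)
    print("data read back intact:", raid5_read(array, len(record)) == record)
    print("4 x 500 GB, RAID-5 usable:", usable_capacity([500] * 4), "GB")
```

With a second disk lost, the XOR of the survivors no longer equals the missing block; single parity covers exactly one failure per array.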
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to multiple server sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 3
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D), A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
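Added example (not from the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed parity, showing how XOR parity rebuilds one failed drive and why a second failure cannot be recovered. The 4-byte stripe unit, the parity rotation order, the function names and the sample data are assumptions made for illustration; real controllers use larger stripe units and their own layouts.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; tiny on purpose (assumption, the slides use 16 kiB)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Disk that holds parity for a stripe; rotates so no disk is parity-only."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        p = parity_disk(s, n_disks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild(disks):
    """Rebuild the one failed disk (marked None) from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover %d failed disks" % len(failed))
    if failed:
        survivors = [d for d in disks if d is not None]
        # XOR of all surviving blocks in a stripe equals the missing block,
        # whether that block held data or parity.
        disks[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n)
        for d in range(n):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as on the slides: smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    sample = b"constructed sample: general ledger batch 0042"  # constructed data
    array = write_array(sample, 4)
    array[2] = None                       # simulate one drive failure
    rebuild(array)
    print(read_array(array, len(sample)) == sample)       # data survives one failure
    print(usable_capacity([500, 500, 250, 500]))          # RAID-5: 250 * (4 - 1)
    print(usable_capacity([500, 500, 250, 500], 2))       # RAID-6: 250 * (4 - 2)
    array[0] = array[1] = None            # two failures exceed single parity
    try:
        rebuild(array)
    except RuntimeError as exc:
        print("unrecoverable:", exc)
```

A rebuild reads every surviving drive in full, which is why a RAID-5 array runs degraded until the replacement drive is resynchronised and why it does not replace the backups discussed earlier in the deck.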
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple servers/sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
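The parity and capacity rules from the RAID slides above, as an added example that is not part of the original presentation: block-level striping over three data disks with a dedicated parity disk (the four-disk, 16 KiB layout of the RAID-4 illustration), rebuild of one failed disk by XOR, and the slide's capacity formula. The function names and the sample data are assumptions made for this illustration.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe unit, as in the slide's illustration


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_array(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data over n_disks - 1 data disks; the last disk holds parity.

    Returns a list of disks, each disk being a list of blocks (one per row).
    """
    n_data = n_disks - 1
    disks = [[] for _ in range(n_disks)]
    row_bytes = n_data * unit
    for offset in range(0, len(data), row_bytes):
        # Zero-pad the final row so every block has the same size.
        row = data[offset:offset + row_bytes].ljust(row_bytes, b"\0")
        blocks = [row[i * unit:(i + 1) * unit] for i in range(n_data)]
        for disk, block in zip(disks, blocks):
            disk.append(block)
        disks[-1].append(xor_blocks(blocks))
    return disks


def rebuild(disks):
    """Return a repaired copy of the array; a failed disk is marked as None.

    The XOR of all surviving blocks in a row equals the missing block,
    whether the lost disk carried data or parity.
    """
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover %d failed disks" % len(failed))
    if not failed:
        return list(disks)
    survivors = [disk for disk in disks if disk is not None]
    repaired = list(disks)
    repaired[failed[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def read_array(disks, length):
    """Reassemble the original byte string from the data disks."""
    rows = zip(*disks[:-1])
    return b"".join(b"".join(row) for row in rows)[:length]


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID-3/4/5, parity_drives=2 covers RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def sample_data(size=100 * 1024):
    """Constructed 100 KiB test pattern standing in for a file."""
    return bytes((i * 7 + 3) % 256 for i in range(size))


def demo():
    data = sample_data()
    disks = write_array(data)
    damaged = list(disks)
    damaged[1] = None                      # simulate loss of one data disk
    repaired = rebuild(damaged)
    return {
        "rows_per_disk": len(disks[0]),
        "data_intact_after_rebuild": read_array(repaired, len(data)) == data,
        "capacity_4x500": usable_capacity([500, 500, 500, 500]),
    }


if __name__ == "__main__":
    print(demo())
```

A second simultaneous failure raises `ValueError`, which is the limit behind the "Fault tolerance good" rating of the single-parity levels and the reason RAID-6 adds a second parity block.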
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
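An added example, not part of the original slides, that uses the outage table above to grade a recovery test: resources sharing one outage impact are treated as dependencies of the same business function, so that function is back only when its slowest resource is restored. The measured restore times are constructed sample values and the function names are assumptions.

```python
import math

# BIA rows from the slide: (resource, outage impact, allowable outage time)
INVENTORY = "User could not access Inventory System"
BIA = [
    ("Authentication Server", INVENTORY, "8 hours"),
    ("Database Server", INVENTORY, "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", INVENTORY, "8 hours"),
    ("Hub", INVENTORY, "8 hours"),
    ("Network Cabling", INVENTORY, "8 hours"),
    ("Electric Power", INVENTORY, "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]

# Constructed sample: hours until each resource was restored in a test run.
MEASURED_HOURS = {
    "Authentication Server": 3.0,
    "Database Server": 6.5,
    "E-mail Server": 30.0,
    "5 Desktop Computers": 2.0,
    "Hub": 1.0,
    "Network Cabling": 9.5,
    "Electric Power": 0.5,
    "Printer": 20.0,
}

UNIT_HOURS = {"hour": 1, "hours": 1, "day": 24, "days": 24}


def to_hours(text):
    """Convert an allowable outage time such as '2 days' to hours."""
    value, unit = text.split()
    return float(value) * UNIT_HOURS[unit.lower()]


def evaluate(bia, measured):
    """Grade a recovery test against the BIA, one result per outage impact.

    A resource with no measurement counts as never restored (infinite time).
    Results are ordered by deadline, tightest first, which is also the order
    in which recovery effort has to be spent.
    """
    groups = {}
    for resource, impact, allowable in bia:
        groups.setdefault(impact, []).append((resource, to_hours(allowable)))

    results = []
    for impact, members in groups.items():
        deadline = min(hours for _, hours in members)
        times = {name: measured.get(name, math.inf) for name, _ in members}
        blocking = max(times, key=times.get)   # slowest dependency
        results.append({
            "impact": impact,
            "deadline_hours": deadline,
            "restored_after_hours": times[blocking],
            "blocking_resource": blocking,
            "met": times[blocking] <= deadline,
        })
    return sorted(results, key=lambda r: r["deadline_hours"])


if __name__ == "__main__":
    for row in evaluate(BIA, MEASURED_HOURS):
        status = "OK  " if row["met"] else "FAIL"
        print(status, row["impact"], "| deadline", row["deadline_hours"],
              "h | restored after", row["restored_after_hours"],
              "h | slowest:", row["blocking_resource"])
```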
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
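Columns: Site; Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Cost Low; Hardware Equipment None; Telecommunication None; Setup Time Long; Location Fixed
Warm Site: Cost Medium; Hardware Equipment Partial; Telecommunication Partial/Full; Setup Time Medium; Location Fixed
Hot Site: Cost Medium/High; Hardware Equipment Full; Telecommunication Full; Setup Time Short; Location Fixed
Mobile Site: Cost High; Hardware Equipment Dependent; Telecommunication Dependent; Setup Time Dependent; Location Not Fixed
Mirrored Site: Cost High; Hardware Equipment Full; Telecommunication Full; Setup Time None; Location Fixed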
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.
Change Comment
Date of Change
Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
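Added example (not part of the original slides): a small Python model of the striping and parity slides and of RAID-5's block level striping with distributed parity, showing that one failed disk can be rebuilt from the survivors and two cannot. The 16-byte chunk (standing in for the 16 kiB stripe size in the illustration), the parity rotation order, the sample data and all function names are assumptions made for this example.

```python
from functools import reduce

CHUNK = 16  # bytes per chunk; small stand-in for the 16 kiB stripe size (assumption)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk that holds parity for a stripe; this rotation order is an assumption."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, chunk=CHUNK):
    """Stripe data over n_disks, one parity chunk per stripe, parity rotating.

    Returns a list of disks; each disk is a list of chunk-sized byte blocks.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * chunk              # data bytes in one stripe
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_chunks = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                disks[d].append(parity)
            else:
                disks[d].append(next(data_chunks))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity chunk of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(stripe, n):
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_recover(disks):
    """Return a complete array, rebuilding at most one failed disk (marked None).

    XOR of all surviving chunks in a stripe equals the missing chunk, whether
    that chunk held data or parity. Two failures leave nothing to solve for.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot rebuild %d failed disks" % len(failed))
    if not failed:
        return [list(d) for d in disks]
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else list(d) for d in disks]


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


# Constructed sample input, not data from the slides.
SAMPLE = bytes(range(256)) * 3 + b"ledger"

if __name__ == "__main__":
    array = raid5_write(SAMPLE)
    for lost in range(len(array)):
        damaged = [None if i == lost else d for i, d in enumerate(array)]
        ok = raid5_read(raid5_recover(damaged), len(SAMPLE)) == SAMPLE
        print("disk %d lost, data recovered: %s" % (lost, ok))
    print("RAID-5, 4 x 500 GB usable:", usable_capacity([500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity([500] * 4, 2), "GB")
```

A rebuild reads every surviving disk in full, which is why the plan still needs tested backups alongside a parity array.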
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular
because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: not popular because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
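An added example (not part of the original slides) that works through the PARITY and RAID-5 slides above: block-level striping with rotating XOR parity, the "smallest drive * (no. of drives - 1)" capacity rule, and rebuilding one failed disk from the survivors. The function names, the parity rotation order and the sample data are assumptions made for illustration, not any controller's actual layout.

```python
"""Teaching model of RAID-5: block striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Usable capacity: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; returns a list of disks, each a list of blocks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    # Pad the final stripe with zero bytes so every block has the same length.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity_disk = parity_disk_for(stripe, n_disks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(blocks))
            else:
                disks[disk].append(next(data_blocks))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    A missing block (data or parity) equals the XOR of all other blocks
    in the same stripe. Two lost disks cannot be recovered with single parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot rebuild")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


if __name__ == "__main__":
    # Constructed sample data standing in for financial records.
    records = b"ledger-0001:debit:500;ledger-0002:credit:125;"
    array = write_raid5(records, n_disks=4, block_size=4)

    lost = array[2]
    array[2] = None                      # simulate a failed drive
    array[2] = rebuild_disk(array, 2)    # rebuild onto a replacement drive
    print("rebuilt disk matches original:", array[2] == lost)
    print("data intact after rebuild:", read_raid5(array, len(records)) == records)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

The same rebuild call raises an error when a second disk is missing, which is the single-failure limit that RAID-6's dual parity is meant to lift.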
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because
of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 7
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D (A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Information Technology Infrastructure Library
A collection of best practices in IT service management
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
SAS 70
Internationally recognized auditing standard for service organization
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
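The parity and RAID-5 slides above, worked through in code as an added example that is not part of the original deck: it stripes constructed sample data with one rotating parity block per stripe, rebuilds a failed disk from the survivors, and applies the slides' minimum-disk and array-capacity rules. XOR as the parity function (the usual choice for single parity), the order in which the parity block rotates, and all function names are assumptions of this example.

```python
from functools import reduce

# (minimum disks, number of data drives) per level, as listed on the slides.
RAID_RULES = {
    "RAID-0": (2, lambda n: n),      # striping without parity, no redundancy
    "RAID-1": (2, lambda n: 1),      # mirroring, exactly 2 disks
    "RAID-3": (3, lambda n: n - 1),  # dedicated parity
    "RAID-4": (3, lambda n: n - 1),  # dedicated parity
    "RAID-5": (3, lambda n: n - 1),  # distributed parity
    "RAID-6": (4, lambda n: n - 2),  # dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * number of data drives."""
    min_disks, data_drives = RAID_RULES[level]
    n = len(drive_sizes)
    if n < min_disks or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return min(drive_sizes) * data_drives(n)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (assumed parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit):
    """Stripe data over n_disks; each stripe gets one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    disks = [[] for _ in range(n_disks)]
    row_bytes = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % row_bytes)  # zero-pad the last stripe
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_iter = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_iter))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping parity blocks."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot recover")
    return [xor_blocks(row) for row in zip(*survivors)]


# Constructed sample data, not taken from the deck.
SAMPLE = b"constructed ledger record 0001;" * 5

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, unit=16)
    array[2] = None                      # simulate one failed disk
    array[2] = rebuild(array, failed=2)  # rebuilt from the other three
    print("recovered intact:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity("RAID-5", [500] * 4))
```

Losing a second disk before the rebuild finishes makes `rebuild` raise, which is the gap the RAID-6 slide's dual parity addresses.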
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Slide 8
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | Users could not access Inventory System | 8 hours
Database Server | Users could not access Inventory System | 8 hours
E-mail Server | Users could not send e-mail | 2 days
5 Desktop Computers | Users could not access Inventory System | 8 hours
Hub | Users could not access Inventory System | 8 hours
Network Cabling | Users could not access Inventory System | 8 hours
Electric Power | Users could not access Inventory System | 8 hours
Printer | Users could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization's business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hubs (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
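Added example (not part of the original slides): the parity technique and the array-capacity formulas from the RAID level slides, worked through as a toy RAID-5 array in Python that survives one disk failure and loses data on a second. The names `Raid5` and `usable_capacity`, the 4-byte stripe unit, the parity rotation order and the sample payload are assumptions made for illustration.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per chunk; deliberately tiny (assumption, real arrays use KiB-sized units)


def xor_blocks(blocks):
    """XOR equal-length byte blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas and minimum disk counts on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n        # striping only: no redundancy
    if level == 1:
        return smallest            # mirrored pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID 3/4/5: one drive's worth of parity


class Raid5:
    """Toy block-striped array with distributed parity."""

    def __init__(self, n_disks):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n = n_disks
        self.disks = [[] for _ in range(n_disks)]  # disks[d][stripe] -> chunk
        self.stripes = 0
        self.failed = set()

    def parity_disk(self, stripe):
        # Rotate parity across the disks (one possible rotation order, assumed here)
        # so that no single disk holds all the parity, as it does in RAID-4.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        if self.failed:
            raise RuntimeError("degraded array: rebuild before writing")
        width = (self.n - 1) * STRIPE_UNIT
        data = data.ljust(-(-len(data) // width) * width, b"\0")  # pad to full stripes
        for off in range(0, len(data), width):
            chunks = [data[i:i + STRIPE_UNIT] for i in range(off, off + width, STRIPE_UNIT)]
            data_iter, p = iter(chunks), self.parity_disk(self.stripes)
            for d in range(self.n):
                self.disks[d].append(xor_blocks(chunks) if d == p else next(data_iter))
            self.stripes += 1

    def fail(self, disk):
        self.disks[disk] = None
        self.failed.add(disk)

    def _chunk(self, disk, stripe):
        if disk not in self.failed:
            return self.disks[disk][stripe]
        if len(self.failed) > 1:
            raise RuntimeError("two disks lost: single parity cannot recover the data")
        # A missing chunk (data or parity) is the XOR of every surviving chunk in the stripe.
        return xor_blocks([self.disks[d][stripe] for d in range(self.n) if d != disk])

    def read(self):
        out = bytearray()
        for s in range(self.stripes):
            for d in range(self.n):
                if d != self.parity_disk(s):
                    out += self._chunk(d, s)
        return bytes(out)  # includes zero padding; caller slices to the original length

    def rebuild(self, disk):
        self.disks[disk] = [self._chunk(disk, s) for s in range(self.stripes)]
        self.failed.discard(disk)


def demo():
    payload = b"ledger: 2024-Q1 postings (constructed sample data)"
    array = Raid5(4)
    array.write(payload)
    array.fail(2)                                   # one disk lost: degraded read
    degraded_ok = array.read()[:len(payload)] == payload
    array.rebuild(2)                                # replacement disk rebuilt from parity
    rebuilt_ok = array.read()[:len(payload)] == payload
    array.fail(0)
    array.fail(1)                                   # second failure before any rebuild
    try:
        array.read()
        double_failure = "recovered"
    except RuntimeError:
        double_failure = "lost"
    return degraded_ok, rebuilt_ok, double_failure


if __name__ == "__main__":
    print(demo(), usable_capacity(5, [500] * 4), usable_capacity(6, [500] * 4))
```

The double-failure case is the reason the backup and off-site storage slides still apply to a RAID-5 array: parity covers one lost drive, not the loss of the site or a second drive during rebuild.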
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 9
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other
financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
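The parity and array-capacity rules from the RAID slides above, worked through as an added Python example that is not part of the original deck. It stripes data over a four-disk array with a dedicated parity drive (the RAID-4 layout), rebuilds a failed drive by XOR, and computes usable capacity per level; the function names, the 16-byte strip size and the sample data are assumptions made for illustration.

```python
from functools import reduce

STRIPE_UNIT = 16  # bytes per strip (assumed; the slides' illustrations use 16 kiB)


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid4(data, n_drives, unit=STRIPE_UNIT):
    """Stripe data in blocks over n_drives-1 data drives; the last drive holds parity."""
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    n_data = n_drives - 1
    stripe_bytes = n_data * unit
    # Pad with zero bytes so the data fills whole stripes.
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    drives = [bytearray() for _ in range(n_drives)]
    for off in range(0, len(padded), stripe_bytes):
        strips = [padded[off + i * unit: off + (i + 1) * unit] for i in range(n_data)]
        for index, strip in enumerate(strips):
            drives[index] += strip
        drives[-1] += xor_blocks(strips)  # parity strip for this stripe
    return [bytes(d) for d in drives]


def rebuild(drives, failed):
    """Recompute the failed drive (data or parity) as the XOR of all surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates only one failed drive")
    return xor_blocks(survivors)


def read_raid4(drives, length, unit=STRIPE_UNIT):
    """Reassemble the original byte stream from the data drives."""
    n_data = len(drives) - 1
    out = bytearray()
    for off in range(0, len(drives[0]), unit):
        for index in range(n_data):
            out += drives[index][off:off + unit]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides; RAID-0 with unequal drives is assumed to
    use the smallest drive's size on every member."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {
        "RAID-0": (2, smallest * n),        # no redundancy
        "RAID-1": (2, smallest),            # mirroring, 50% efficiency
        "RAID-3": (3, smallest * (n - 1)),  # dedicated parity
        "RAID-4": (3, smallest * (n - 1)),  # dedicated parity
        "RAID-5": (3, smallest * (n - 1)),  # distributed parity
        "RAID-6": (4, smallest * (n - 2)),  # dual distributed parity
    }
    minimum, capacity = rules[level]
    if n < minimum or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} drives")
    return capacity


def demo():
    """Write constructed data, lose drive 1, rebuild it, and read the data back."""
    data = bytes(range(100))  # constructed sample payload
    drives = write_raid4(data, n_drives=4)
    degraded = list(drives)
    degraded[1] = None  # simulate a single drive failure
    degraded[1] = rebuild(degraded, failed=1)
    return read_raid4(degraded, len(data)) == data


if __name__ == "__main__":
    print("recovered after single failure:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity("RAID-5", [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB:", usable_capacity("RAID-6", [500] * 4), "GB")
```

A second simultaneous failure makes `rebuild` raise, which is the "fault tolerance good" limit of single parity; RAID-6 trades one more drive of capacity for a second parity set.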
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
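The striping and parity techniques from the RAID slides, worked through as an added example that is not part of the original deck: block-level striping with distributed parity on a four-disk array with a 16 KiB stripe unit, then rebuilding a failed disk. XOR as the parity function (the usual choice for RAID 5, not named on the slides), the parity rotation order and the sample file contents are assumptions.

```python
"""RAID 5 style striping with distributed XOR parity: write, lose a disk, rebuild."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe unit, as in the slide illustration
NUM_DISKS = 4            # four-disk array, as in the slide illustration


def xor_blocks(blocks):
    """Parity calculation (assumed XOR): byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, num_disks=NUM_DISKS):
    """Assumed rotation: parity starts on the last disk and moves left per stripe."""
    return (num_disks - 1 - stripe) % num_disks


def write_array(data, num_disks=NUM_DISKS, unit=STRIPE_UNIT):
    """Split data into stripe units and lay them out with rotating parity.

    Returns one list of blocks per disk; index s in each list is stripe s.
    """
    per_stripe = num_disks - 1                     # data units per stripe
    units = [data[i:i + unit].ljust(unit, b"\0")   # zero-pad the final unit
             for i in range(0, len(data), unit)]
    while len(units) % per_stripe:                 # zero-pad the final stripe
        units.append(bytes(unit))
    disks = [[] for _ in range(num_disks)]
    for s in range(len(units) // per_stripe):
        chunk = units[s * per_stripe:(s + 1) * per_stripe]
        p = parity_disk(s, num_disks)
        data_units = iter(chunk)
        for d in range(num_disks):
            disks[d].append(xor_blocks(chunk) if d == p else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    XOR of the survivors yields the missing block whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks([d[s] for d in survivors])
            for s in range(len(survivors[0]))]


def read_array(disks, length, num_disks=NUM_DISKS):
    """Reassemble the original byte stream, skipping the parity blocks."""
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, num_disks)
        for d in range(num_disks):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo(failed=2):
    """Write constructed sample files, drop one disk, rebuild it, read back."""
    # Constructed sample data: the slide's file sizes (4, 20, 100, 500 KiB),
    # each filled with a distinct byte so misplaced blocks are detectable.
    sizes_kib = {b"R": 4, b"B": 20, b"G": 100, b"M": 500}
    data = b"".join(tag * (kib * 1024) for tag, kib in sizes_kib.items())
    disks = write_array(data)
    original = disks[failed]
    disks[failed] = None                           # simulate the drive failure
    disks[failed] = rebuild_disk(disks, failed)
    return {
        "stripes": len(disks[0]),
        "rebuilt_ok": disks[failed] == original,
        "data_ok": read_array(disks, len(data)) == data,
    }


if __name__ == "__main__":
    print(demo())
    print(usable_capacity([500, 500, 500, 500]), "GB usable from 4 x 500 GB")
```

With single parity only one failed disk can be rebuilt this way; the dual distributed parity on the RAID-6 slide is what covers a second failure.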
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 11
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)  Likelihood of Threat Occurrence (B)  Vulnerability (C)  Measure of Risk (D) = (A+B+C)/3  Risk Ranking (E)
4               5                                    3                  4                                High
3               3                                    3                  3                                Moderate
5               5                                    5                  5                                Very High
4               1                                    1                  2                                Low
1               1                                    1                  1                                Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                         Recovery Priority
Authentication Server            High
Database Server                  High
5 Desktop Computers              High
1 Hub                            High
E-mail Server                    Medium
Printer                          Medium
Remaining Desktop Computers (45) Low
Remaining Hub (5)                Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
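The parity and striping slides above, worked through as an added example that is not part of the original deck: a small in-memory Python model of RAID-5 that stripes data with rotating XOR parity, rebuilds one failed disk from the survivors, and applies the slides' array capacity formula. The function names, the 8-byte block size and the sample data are assumptions chosen for illustration.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity.
Added example; "disks" are in-memory lists of blocks, not real devices."""
from functools import reduce

# Constructed sample data standing in for business records.
SAMPLE = b"constructed sample: ledger rows 0001-0042 kept for the DR exercise"


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves one disk per stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, block_size=8):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity_disk = parity_disk_for(stripe, n_disks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(blocks))
            else:
                disks[disk].append(next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.
    XOR of the survivors yields the missing block, data or parity alike."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


def simulate_single_disk_failure(data, failed, n_disks=4, block_size=8):
    """Write data, lose one disk, rebuild it, and return what is read back."""
    disks = raid5_write(data, n_disks, block_size)
    disks[failed] = None                      # the disk is gone
    disks[failed] = raid5_rebuild(disks, failed)
    return raid5_read(disks, len(data))


if __name__ == "__main__":
    for failed in range(4):
        ok = simulate_single_disk_failure(SAMPLE, failed) == SAMPLE
        print(f"disk {failed} lost and rebuilt, data intact: {ok}")
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", usable_capacity([500] * 4, 2), "GB")
```

Losing a second disk before the rebuild finishes makes `raid5_rebuild` raise, which is the case RAID-6's second parity block covers.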
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to
multiple servers/sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
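Criteria per site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Cost Low; Hardware Equipment None; Telecommunication None; Setup Time Long; Location Fixed
Warm Site: Cost Medium; Hardware Equipment Partial; Telecommunication Partial/Full; Setup Time Medium; Location Fixed
Hot Site: Cost Medium/High; Hardware Equipment Full; Telecommunication Full; Setup Time Short; Location Fixed
Mobile Site: Cost High; Hardware Equipment Dependent; Telecommunication Dependent; Setup Time Dependent; Location Not Fixed
Mirrored Site: Cost High; Hardware Equipment Full; Telecommunication Full; Setup Time None; Location Fixed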
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Columns: Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
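The PARITY and RAID-5 slides describe parity as redundancy calculated from the data values and distributed across the drives. The following Python model is an added example, not part of the original deck: it uses byte-wise XOR as the parity function, and its parity rotation order, block size and function names are assumptions of this sketch, since real controllers use their own layouts.

```python
"""Toy RAID-5 model: block-level striping with distributed (rotating) parity."""
from functools import reduce


def xor_blocks(blocks):
    """Parity block = byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(row, n_disks):
    # Assumed rotation: parity moves one disk to the left on every stripe row.
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; return one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * block_size          # data bytes per stripe row
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        p = parity_disk(row, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    All blocks of a row XOR to zero, so a missing block (data or parity)
    is the XOR of the other blocks in that row.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]


def scrub(disks):
    """Return the stripe rows whose blocks no longer XOR to zero.

    Parity shows that a row is inconsistent, but not which disk holds the
    bad block; rebuilding needs to know which disk failed.
    """
    return [r for r, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    data = bytes(range(50))                       # constructed sample data
    disks = write_raid5(data, n_disks=4, block_size=4)
    lost = disks[2]
    disks[2] = rebuild_disk(disks, failed=2)      # simulate replacing disk 2
    return {
        "rebuilt_matches": disks[2] == lost,
        "data_intact": read_raid5(disks, len(data)) == data,
        "raid5_capacity_gb": array_capacity([500, 500, 500, 500]),
        "raid6_capacity_gb": array_capacity([500, 500, 500, 500], 2),
    }


if __name__ == "__main__":
    print(demo())
```

The same `rebuild_disk` call works whether the failed disk held data or parity for a given row, which is why distributed parity tolerates the loss of any single drive but not two.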
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 13
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource: Outage Impact; Allowable Outage Time
Authentication Server: User could not access Inventory System; 8 hours
Database Server: User could not access Inventory System; 8 hours
E-mail Server: User could not send e-mail; 2 days
5 Desktop Computers: User could not access Inventory System; 8 hours
Hub: User could not access Inventory System; 8 hours
Network Cabling: User could not access Inventory System; 8 hours
Electric Power: User could not access Inventory System; 8 hours
Printer: User could not produce Inventory Reports; 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that,
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
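Added example (not part of the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed parity, on a four-disk array with a 16 kiB stripe unit and the four file sizes from the illustration. The parity rotation order and the file contents are assumptions made for illustration; real controllers use their own layouts.

```python
"""RAID-5 model: block-level striping with distributed (rotating) parity."""

KIB = 1024
STRIPE_UNIT = 16 * KIB   # stripe size used in the slide illustrations
NUM_DISKS = 4            # four-disk array, as in the illustrations


def xor_blocks(blocks):
    """XOR equally sized blocks together; this is the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def array_capacity(drive_sizes):
    """Usable capacity: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe_no, num_disks=NUM_DISKS):
    """Disk holding the parity unit of a stripe (assumed rotation order)."""
    return (num_disks - 1 - stripe_no) % num_disks


def write_raid5(data, num_disks=NUM_DISKS, unit=STRIPE_UNIT):
    """Split data into stripe units; return one list of units per disk."""
    per_stripe = (num_disks - 1) * unit
    data += bytes(-len(data) % per_stripe)          # zero-pad the last stripe
    disks = [[] for _ in range(num_disks)]
    for stripe_no, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * unit: off + (i + 1) * unit]
                  for i in range(num_disks - 1)]
        parity_at = parity_disk(stripe_no, num_disks)
        data_units = iter(chunks)
        for d in range(num_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_at
                            else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every unit of the failed disk by XOR-ing the survivors."""
    survivors = [units for i, units in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length, num_disks=NUM_DISKS):
    """Reassemble data units in order, skipping each stripe's parity unit."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_at = parity_disk(stripe_no, num_disks)
        for d in range(num_disks):
            if d != parity_at:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def demo():
    """Write the four files from the illustration, then lose a disk."""
    sizes_kib = [4, 20, 100, 500]                   # red, blue, green, magenta
    # Constructed file contents: a different byte pattern per file.
    data = b"".join(bytes((i * (n + 3)) % 251 for i in range(k * KIB))
                    for n, k in enumerate(sizes_kib))
    disks = write_raid5(data)

    # Any single disk, data or parity, can be recomputed from the other three.
    all_rebuilds_ok = all(rebuild_disk(disks, f) == disks[f]
                          for f in range(NUM_DISKS))

    # Simulate losing disk 1 entirely, rebuild it, and read the data back.
    broken = disks[:1] + [None] + disks[2:]
    broken[1] = rebuild_disk(broken, 1)
    degraded_read_ok = read_raid5(broken, len(data)) == data

    return {
        "stripes": len(disks[0]),
        "units_per_disk": len(disks[0]),
        "usable_bytes": array_capacity([len(d) * STRIPE_UNIT for d in disks]),
        "all_rebuilds_ok": all_rebuilds_ok,
        "degraded_read_ok": degraded_read_ok,
    }


if __name__ == "__main__":
    print(demo())
```

The 624 kiB of file data fills exactly 13 stripes of three data units plus one parity unit, which matches the capacity rule of smallest drive times (number of drives - 1). Losing a second disk before the rebuild finishes leaves the XOR with two unknowns, which is why the slide rates fault tolerance as good rather than very good.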
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
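The allowable outage times from the Outage Impact slide and the recovery priorities listed here can be combined to check whether a recovery sequence brings each resource back inside its window. The following Python is an added example, not part of the original slides; the restore durations, the prerequisite links, the team counts and the High priority given to Electric Power and Network Cabling are assumptions constructed for illustration.

```python
from dataclasses import dataclass

PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}


@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: float      # deck's outage table (2 days = 48 h, 4 days = 96 h)
    priority: str                  # deck's recovery-priority table
    restore_h: float               # constructed: hands-on time needed to restore
    needs: tuple = ()              # constructed: resources that must be back first
    inventory_access: bool = True  # outage impact is loss of Inventory System access


# Power and cabling have no row in the priority table; "High" is an assumption
# taken from their 8-hour allowable outage time.
RESOURCES = [
    Resource("Authentication Server", 8, "High", 3, ("Electric Power", "Hub")),
    Resource("Database Server", 8, "High", 4, ("Electric Power", "Hub")),
    Resource("E-mail Server", 48, "Medium", 6, ("Electric Power", "Hub"), False),
    Resource("5 Desktop Computers", 8, "High", 2, ("Electric Power", "Hub")),
    Resource("Hub", 8, "High", 1, ("Electric Power", "Network Cabling")),
    Resource("Network Cabling", 8, "High", 2),
    Resource("Electric Power", 8, "High", 1),
    Resource("Printer", 96, "Medium", 1, ("Electric Power",), False),
]


def plan_recovery(resources, teams=1, activation_delay_h=0.0):
    """Greedy schedule: repeatedly take the highest-priority resource whose
    prerequisites are restored and give it to the team that frees up first.
    Times are hours since the outage began."""
    if teams < 1:
        raise ValueError("at least one recovery team is required")
    known = {r.name for r in resources}
    unknown = {n for r in resources for n in r.needs} - known
    if unknown:
        raise ValueError(f"prerequisites missing from the list: {sorted(unknown)}")

    pending = sorted(resources,
                     key=lambda r: (PRIORITY_RANK[r.priority], r.allowable_outage_h))
    team_free = [float(activation_delay_h)] * teams
    finish, plan = {}, []
    while pending:
        ready = [r for r in pending if all(n in finish for n in r.needs)]
        if not ready:
            raise ValueError("circular prerequisites: "
                             + ", ".join(r.name for r in pending))
        res = ready[0]
        pending.remove(res)
        team = min(range(teams), key=team_free.__getitem__)
        # Work starts when the team is free and every prerequisite is restored.
        start = max([team_free[team]] + [finish[n] for n in res.needs])
        finish[res.name] = team_free[team] = start + res.restore_h
        plan.append({
            "name": res.name,
            "team": team,
            "start_h": start,
            "finish_h": finish[res.name],
            "allowable_outage_h": res.allowable_outage_h,
            "breach": finish[res.name] > res.allowable_outage_h,
        })
    return plan


def breaches(plan):
    """Resources restored later than their allowable outage time."""
    return [step["name"] for step in plan if step["breach"]]


def inventory_ready_at(plan, resources):
    """The Inventory System is usable only when every resource whose outage
    blocks access to it has been restored."""
    needed = {r.name for r in resources if r.inventory_access}
    return max(step["finish_h"] for step in plan if step["name"] in needed)


if __name__ == "__main__":
    for teams in (1, 2):
        plan = plan_recovery(RESOURCES, teams=teams)
        print(f"--- {teams} recovery team(s) ---")
        for s in plan:
            flag = "BREACH" if s["breach"] else "ok"
            print(f'{s["name"]:<22} team {s["team"]}  '
                  f'{s["start_h"]:>4.1f} -> {s["finish_h"]:>4.1f} h  '
                  f'(limit {s["allowable_outage_h"]} h)  {flag}')
        print("Inventory System usable after",
              inventory_ready_at(plan, RESOURCES), "h")
```

With these constructed durations a single team restores the Database Server and the desktops after the 8-hour window, while two teams bring the Inventory System back exactly at 8 hours. A one-hour activation delay is enough to push the two-team plan over the limit.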
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
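Added example (not from the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed XOR parity, showing how one failed disk is rebuilt and why a second failure loses data. The parity rotation, function names and sample data are assumptions made for illustration; the capacity helper uses the slides' formula, size of smallest drive * (no. of drives - parity drives).

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity.

Illustrative model only. The parity rotation below is one common layout and
is an assumption; the slides do not specify one.
"""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk that holds parity for a stripe; it rotates from stripe to stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe carries one parity block."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk
            disks[disk].append(xor_blocks(blocks) if is_parity else next(data_blocks))
    return disks


def raid5_rebuild(disks):
    """Rebuild a single failed disk (marked None) from the surviving disks."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 survives one failed disk; two or more lose data")
    if not failed:
        return list(disks)
    survivors = [disk for disk in disks if disk is not None]
    # A lost block, data or parity, is the XOR of the other blocks in its stripe.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    repaired = list(disks)
    repaired[failed[0]] = rebuilt
    return repaired


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


# Constructed sample data, not taken from the slides.
SAMPLE = b"constructed ledger records 0001-0042"

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block_size=4)
    array[2] = None  # simulate the loss of one drive
    repaired = raid5_rebuild(array)
    print(raid5_read(repaired, len(SAMPLE)))
    print(usable_capacity([500, 500, 500, 500]))      # RAID-5 formula
    print(usable_capacity([500, 500, 500, 500], 2))   # RAID-6 formula
```

Rebuilding reads every surviving disk in full, so the array has no redundancy until the rebuild finishes.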
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Information Technology Infrastructure Library
A collection of best practices in IT service management
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
SAS 70
Internationally recognized auditing standard for service organization
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 but not popular as cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of asset should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
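The array-capacity formulas and the distributed-parity technique from the RAID slides above, worked through as an added Python example (not part of the original deck). The 16-byte block size (a scaled-down stand-in for the 16 kiB stripe in the illustrations), the parity rotation order and all function names are assumptions made for illustration.

```python
from functools import reduce

# Minimum disk counts and parity overhead as stated on the slides above.
RAID_LEVELS = {
    "RAID-3": {"min_disks": 3, "parity_disks": 1},
    "RAID-4": {"min_disks": 3, "parity_disks": 1},
    "RAID-5": {"min_disks": 3, "parity_disks": 1},
    "RAID-6": {"min_disks": 4, "parity_disks": 2},
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    spec = RAID_LEVELS[level]
    if len(drive_sizes) < spec["min_disks"]:
        raise ValueError(f"{level} needs at least {spec['min_disks']} disks")
    return min(drive_sizes) * (len(drive_sizes) - spec["parity_disks"])


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity.

    Returns one list of blocks per disk; index i of every list is stripe i.
    """
    if n_disks < RAID_LEVELS["RAID-5"]["min_disks"]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        parity_disk = parity_disk_for(stripe, n_disks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate a failed disk: each lost block is the XOR of the survivors in its stripe."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID-5 cannot recover from more than one failed disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, n_bytes, block_size):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        skip = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != skip:
                out += disks[d][stripe]
    return bytes(out[:n_bytes])


def demo():
    """Lose one disk of a four-disk array, rebuild it, and read the data back."""
    payload = b"constructed sample ledger records used only for this rebuild demo " * 3
    disks = raid5_write(payload, n_disks=4, block_size=16)
    lost = disks[2]
    disks[2] = None                      # simulated single-disk failure
    disks[2] = raid5_rebuild(disks, failed=2)
    return disks[2] == lost and raid5_read(disks, len(payload), 16) == payload


if __name__ == "__main__":
    print("4 x 500 GB RAID-5 usable:", usable_capacity("RAID-5", [500] * 4), "GB")
    print("4 x 500 GB RAID-6 usable:", usable_capacity("RAID-6", [500] * 4), "GB")
    print("single-disk rebuild ok:", demo())
```

A second simultaneous failure makes `raid5_rebuild` raise, which is why parity RAID is a fault-tolerance control and not a substitute for the backup strategies covered later in the deck.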
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...
Slide 17
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
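Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values (row alignment not preserved in this transcript): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings (E): High, Moderate, Very High, Low, Very Low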
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
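The parity and RAID-5 slides above describe parity as redundancy calculated from the data, and RAID-5 as block-level striping with distributed parity. The Python sketch below is an added example, not part of the original slides: it uses XOR parity to rebuild any single lost drive and applies the slide's capacity formula. The 4-byte block size, the parity rotation order and the sample bytes are assumptions chosen for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy value (the slides' figures use 16 kiB)
SAMPLE = b"ledger: debit 4200 / credit 4200 / balance 0"  # constructed sample data


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_capacity(drive_sizes):
    """Array capacity per the slide: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive(stripe, n_drives):
    """Rotate parity across the drives (rotation order is an assumption)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives):
    """Lay data out as stripes of (n_drives - 1) data blocks plus one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = BLOCK * (n_drives - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        p = parity_drive(stripe, n_drives)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return drives


def raid5_read(drives, length, failed=()):
    """Reassemble the data; a block on the failed drive is the XOR of the survivors."""
    failed = set(failed)
    if len(failed) > 1:
        raise ValueError("RAID-5 parity can rebuild only one failed drive")
    n = len(drives)
    lost = next(iter(failed), None)
    alive = next(d for d in range(n) if d != lost)
    out = bytearray()
    for stripe in range(len(drives[alive])):
        # The failed drive is never read; its block is recomputed from the others.
        row = [None if d == lost else drives[d][stripe] for d in range(n)]
        if lost is not None:
            row[lost] = xor_blocks([b for b in row if b is not None])
        p = parity_drive(stripe, n)
        out += b"".join(row[d] for d in range(n) if d != p)
    return bytes(out[:length])


if __name__ == "__main__":
    array = raid5_write(SAMPLE, 4)
    for lost_drive in range(4):
        recovered = raid5_read(array, len(SAMPLE), failed=[lost_drive])
        print(f"drive {lost_drive} lost -> data intact: {recovered == SAMPLE}")
    print("usable capacity of 4 x 500 GB drives:", raid5_capacity([500] * 4), "GB")
```

Losing two drives raises an error here, which is the gap the dual distributed parity of RAID-6 is meant to close.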
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 18
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
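The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks with rotating XOR parity, one lost drive is rebuilt from the survivors, and a scrub flags stripes whose parity no longer matches. The function names, the 4-byte `STRIPE_UNIT` and the parity rotation order are assumptions chosen for illustration; real controllers use their own layouts.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; kept tiny so the layout is easy to inspect (assumption)


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column: the RAID parity function."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity as given on the slide: smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive_for(stripe, n_drives):
    """Drive holding the parity block of a stripe (one possible rotation, an assumption)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives):
    """Stripe data over n_drives with distributed parity.

    Returns (drives, original_length); drives[d][s] is the block on drive d, stripe s.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = STRIPE_UNIT * (n_drives - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(stripe, n_drives)
            drives[d].append(parity if is_parity else next(data_blocks))
    return drives, len(data)


def raid5_read(drives, length):
    """Reassemble the payload by skipping the parity block of each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_drive_for(stripe, n_drives):
                out += drives[d][stripe]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute every block of the failed drive as the XOR of the surviving blocks.

    A failed drive is represented as None. A second lost drive cannot be rebuilt.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("more than one drive lost: RAID-5 cannot rebuild")
    return [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]


def scrub(drives):
    """Return the stripes whose blocks do not XOR to zero (parity mismatch).

    Parity shows that a stripe is inconsistent, not which block is wrong.
    """
    zero = bytes(STRIPE_UNIT)
    return [s for s in range(len(drives[0]))
            if xor_blocks([d[s] for d in drives]) != zero]


if __name__ == "__main__":
    payload = b"constructed sample: ledger rows for a RAID-5 rebuild drill"
    drives, length = raid5_write(payload, 4)
    drives[1] = None                      # simulate a single failed disk
    drives[1] = rebuild_drive(drives, 1)  # rebuild it from the other three
    print(raid5_read(drives, length) == payload, scrub(drives))
```

Parity protects availability after a disk failure; it does not replace the off-site backups discussed elsewhere in the deck, since a scrub mismatch cannot say which block to trust.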
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats,
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
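The following is an added example, not part of the original slides: it takes the rows of the "Outage Impact & Allowable Outage Times" slide, derives a recovery priority for each resource, cross-checks it against the "Develop Recovery Priorities" slide, and flags resources whose planned recovery time exceeds the allowable outage time. The High/Medium cut-offs and the planned recovery hours are assumptions made for the example.

```python
import re
from typing import NamedTuple


class Resource(NamedTuple):
    name: str
    impact: str
    allowable: str  # allowable outage time, as written on the slide


# Rows of the "Outage Impact & Allowable Outage Times" slide.
BIA = [
    Resource("Authentication Server", "User could not access Inventory System", "8 hours"),
    Resource("Database Server", "User could not access Inventory System", "8 hours"),
    Resource("E-mail Server", "User could not send e-mail", "2 days"),
    Resource("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    Resource("Hub", "User could not access Inventory System", "8 hours"),
    Resource("Network Cabling", "User could not access Inventory System", "8 hours"),
    Resource("Electric Power", "User could not access Inventory System", "8 hours"),
    Resource("Printer", "User could not produce Inventory Reports", "4 days"),
]

# Priorities from the "Develop Recovery Priorities" slide for the resources
# that also appear in the BIA table ("1 Hub" on that slide is "Hub" here).
SLIDE_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
}

# Constructed sample data (not from the slides): estimated hours to restore
# each resource under a hypothetical recovery strategy.
PLANNED_RECOVERY_HOURS = {
    "Authentication Server": 4,
    "Database Server": 12,
    "E-mail Server": 24,
    "5 Desktop Computers": 6,
    "Hub": 2,
    "Electric Power": 1,
    "Printer": 72,
    # "Network Cabling" has no estimate on purpose.
}

# Assumed cut-offs; the slides give priorities but not the rule behind them.
HIGH_MAX_HOURS = 8
MEDIUM_MAX_HOURS = 4 * 24

_UNIT_HOURS = {"hour": 1, "hours": 1, "day": 24, "days": 24, "week": 168, "weeks": 168}


def to_hours(text):
    """Convert '8 hours' or '2 days' to hours; reject anything else."""
    match = re.fullmatch(r"\s*(\d+)\s*([A-Za-z]+)\s*", text)
    if not match or match.group(2).lower() not in _UNIT_HOURS:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(match.group(1)) * _UNIT_HOURS[match.group(2).lower()]


def priority(allowable_hours):
    """Map an allowable outage time to High / Medium / Low."""
    if allowable_hours <= HIGH_MAX_HOURS:
        return "High"
    if allowable_hours <= MEDIUM_MAX_HOURS:
        return "Medium"
    return "Low"


def recovery_order(bia):
    """Resource names, shortest allowable outage first (ties keep table order)."""
    return [r.name for r in sorted(bia, key=lambda r: to_hours(r.allowable))]


def priority_mismatches(bia, listed):
    """(name, listed, derived) where the documented priority disagrees with the BIA."""
    result = []
    for r in bia:
        derived = priority(to_hours(r.allowable))
        if r.name in listed and listed[r.name] != derived:
            result.append((r.name, listed[r.name], derived))
    return result


def recovery_gaps(bia, planned):
    """(name, allowable_hours, planned_hours) for resources that cannot be
    restored in time; planned_hours is None when no estimate exists."""
    gaps = []
    for r in bia:
        limit = to_hours(r.allowable)
        estimate = planned.get(r.name)
        if estimate is None or estimate > limit:
            gaps.append((r.name, limit, estimate))
    return gaps


if __name__ == "__main__":
    print("Recovery order:", ", ".join(recovery_order(BIA)))
    print("Priority mismatches:", priority_mismatches(BIA, SLIDE_PRIORITY))
    for name, limit, estimate in recovery_gaps(BIA, PLANNED_RECOVERY_HOURS):
        shown = "no estimate" if estimate is None else f"{estimate} h planned"
        print(f"GAP {name}: allowable {limit} h, {shown}")
```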
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for the health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
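The parity, RAID-5 and array-capacity slides above, worked through in code. This is an added example, not part of the original deck: it stripes constructed sample data over four simulated disks with rotating XOR parity, rebuilds one failed disk from the survivors, and refuses a double failure. The parity rotation order, the 16-byte chunk size and all function names are assumptions made for the illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks: the parity calculation used by RAID 3/4/5."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 the RAID-6 figure.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe. The rotation order is an assumption;
    what matters for RAID-5 is that parity is distributed, not dedicated."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, chunk):
    """Block-level striping with distributed parity.

    Returns a list of disks, each a list of chunks (one chunk per stripe).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * chunk
    padded = data + b"\0" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        data_chunks = iter(chunks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_chunks))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity chunk."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe]
    return bytes(out[:length])


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) by XOR-ing the survivors.

    Single parity covers exactly one failure; two failed disks are unrecoverable.
    """
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [disk for disk in disks if disk is not None]
    rebuilt = [xor_blocks([disk[s] for disk in survivors])
               for s in range(len(survivors[0]))]
    return failed[0], rebuilt


if __name__ == "__main__":
    payload = bytes(range(256)) * 3 + b"constructed sample data"  # constructed input
    array = raid5_write(payload, n_disks=4, chunk=16)
    print("parity disk per stripe:", [parity_disk(s, 4) for s in range(5)])

    lost = array[2]
    array[2] = None                       # simulate one drive failure
    index, rebuilt = raid5_rebuild(array)
    array[index] = rebuilt
    print("rebuilt disk matches original:", rebuilt == lost)
    print("data intact after rebuild:", raid5_read(array, len(payload)) == payload)

    array[0] = array[1] = None            # simulate a double failure
    try:
        raid5_rebuild(array)
    except ValueError as err:
        print("double failure:", err)

    print("RAID-5, 4 x 500 GB:", usable_capacity([500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", usable_capacity([500] * 4, parity_drives=2), "GB usable")
```

For recovery planning, the double-failure branch is the point to take away: single-parity levels protect against one drive loss only, so they complement backups and off-site copies rather than replace them.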
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk requirements: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery
team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
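The parity technique and the array-capacity rules from the RAID level slides above, worked through in Python as an added example that is not part of the original slides. The function names, the 16-byte block standing in for the 16 kiB stripe, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Added example: RAID capacity rules and single-parity (RAID-5 style) rebuild."""
from functools import reduce
from operator import xor


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide rules; all sizes in the same unit."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:
        if n < 2:
            raise ValueError("RAID-0 needs at least 2 disks")
        # Slides give 100% efficiency for identical drives; using the
        # smallest drive for unequal ones is an assumption of this example.
        return smallest * n
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 disks")
        return smallest                      # 50% storage efficiency
    if level in (3, 4, 5):
        if n < 3:
            raise ValueError("RAID-3/4/5 need at least 3 disks")
        return smallest * (n - 1)            # one drive's worth of parity
    if level == 6:
        if n < 4:
            raise ValueError("RAID-6 needs at least 4 disks")
        return smallest * (n - 2)            # dual distributed parity
    raise ValueError("level not covered by this example")


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks across n_disks with distributed parity."""
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk(s, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute the blocks of the one failed disk from the survivors."""
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for i, d in enumerate(disks) if i not in failed]
    # XOR of all surviving blocks in a stripe yields the missing block,
    # whether that block held data or parity.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk(s, len(disks)):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Lose one disk of a four-disk array, rebuild it, and read the data back."""
    data = bytes(range(256)) * 2 + b"constructed sample payload"  # constructed
    disks = raid5_write(data, n_disks=4, block_size=16)
    lost = 2
    damaged = list(disks)
    damaged[lost] = None                     # simulate the failed drive
    damaged[lost] = raid5_rebuild(damaged, {lost})
    return raid5_read(damaged, len(data)) == data


if __name__ == "__main__":
    print("rebuild after one disk failure ok:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity(6, [500] * 4), "GB")
```

A second simultaneous failure is rejected by `raid5_rebuild`, which is why the array is no substitute for the off-site backups the plan also calls for.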
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low           None                None               Long        Fixed
Warm Site      Medium        Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High   Full                Full               Short       Fixed
Mobile Site    High          Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High          Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
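Added example (not from the original slides): the parity and distributed-parity behaviour described for RAID-5 above, written in Python. It stripes data over four drives, fails one drive and rebuilds it from the survivors. The parity rotation order, the function names and the sample data are assumptions made for the illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the RAID parity operation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as given on the slides:
    size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(stripe_index, n_drives):
    """Drive holding the parity block for a stripe (rotation order is an assumption)."""
    return (n_drives - 1 - stripe_index) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data across n_drives with one rotating parity block per stripe.

    Returns a list of drives; each drive is a list of blocks, one per stripe.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    # Zero-pad so that the last stripe is complete.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_position(s, n_drives):
                drives[d].append(parity)
            else:
                drives[d].append(next(data_blocks))
    return drives


def raid5_rebuild(drives, failed):
    """Recompute every block of the failed drive from the surviving drives.

    A failed drive is represented by None. XOR of all surviving blocks in a
    stripe (data and parity alike) yields the missing block.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed and d is not None]
    if len(survivors) != len(drives) - 1:
        raise RuntimeError("RAID-5 tolerates the loss of only one drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block in each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_position(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def demo():
    """Fail drive 2 of a four-disk array and rebuild it; True if data survives."""
    data = b"LEDGER-2024:" + bytes(range(100))   # constructed sample data
    drives = raid5_write(data, n_drives=4, block_size=16)
    original = drives[2]
    drives[2] = None                              # simulated drive failure
    drives[2] = raid5_rebuild(drives, failed=2)
    return drives[2] == original and raid5_read(drives, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("usable capacity (GB):", usable_capacity([500, 500, 400, 500]))
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the slides; the rebuild shown here covers single parity only.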
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
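Added example (not part of the original slides): a small Python model of the parity technique and the RAID-5 capacity formula given above, showing that any single failed disk can be rebuilt by XOR-ing the survivors and that a second failure cannot. The function names, the parity rotation order and the sample data are assumptions made for illustration; real controllers use their own on-disk layouts.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks, one rotating parity block per stripe.

    Returns a list of disks; each disk is a list of blocks (one per stripe).
    """
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    per_stripe = n_disks - 1                      # data blocks per stripe
    stripe_bytes = per_stripe * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(per_stripe)]
        parity_disk = (n_disks - 1 - s) % n_disks  # assumed rotation order
        remaining = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk:
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    A missing disk is represented by None. Works whether the lost block in a
    stripe held data or parity, because all blocks of a stripe XOR to zero.
    """
    survivors = [d for i, d in enumerate(disks)
                 if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("RAID 5 tolerates only one failed disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n_disks - 1 - s) % n_disks
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 is the RAID 3/4/5 formula, parity_drives=2 the RAID 6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    sample = b"Inventory ledger: 45 desktops, 6 hubs"  # constructed sample data
    array = raid5_write(sample, n_disks=4, block_size=4)
    lost = 2
    damaged = [None if i == lost else d for i, d in enumerate(array)]
    damaged[lost] = raid5_rebuild(damaged, lost)
    print("recovered:", raid5_read(damaged, len(sample)) == sample)
    print("usable GB:", usable_capacity([500, 500, 500, 400]))
```

For a DR plan the practical reading is that parity covers a single drive loss only; a second failure during the rebuild window still needs the off-site backups described earlier.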
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values: 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
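Added example (not part of the original slides): a small Python model of the parity idea behind RAID-5, showing XOR parity rotated across the disks, the rebuild of one failed disk from the survivors, and the array capacity formula the slides give for the parity levels. The function names, the 4-byte block size, the parity rotation order and the sample payload are assumptions made for the illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; constructed and tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity function: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk that holds parity for a stripe; rotating it gives distributed parity.
    The rotation order is an assumption; real controllers use several layouts."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks with one parity block per stripe.
    Returns a list of disks, each a list of BLOCK-sized byte blocks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data = data + bytes(-len(data) % per_stripe)  # zero-pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk(s, n_disks) else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.
    A failed disk is represented by None in the disks list."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    # XOR of all blocks in a stripe is zero, so the missing block is the XOR of the rest.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (no. of drives - parity drives)."""
    minimum_disks = {3: 3, 4: 3, 5: 3, 6: 4}
    parity_drives = {3: 1, 4: 1, 5: 1, 6: 2}
    if level not in parity_drives:
        raise ValueError("only the parity levels 3, 4, 5 and 6 are modelled here")
    if len(drive_sizes) < minimum_disks[level]:
        raise ValueError(f"RAID-{level} needs at least {minimum_disks[level]} disks")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives[level])


if __name__ == "__main__":
    payload = b"constructed sample record 0123456789"  # constructed test data
    array = write_raid5(payload, 4)
    array[2] = None                      # simulate the loss of one disk
    array[2] = rebuild_disk(array, 2)    # rebuild it from the other three
    print("recovered:", read_raid5(array, len(payload)) == payload)
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity(6, [500] * 4), "GB")
```

The rebuild works for any single disk because each stripe's blocks XOR to zero; losing a second disk before the rebuild finishes is unrecoverable with single parity, which is why parity does not replace off-site backup.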
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
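An added example, not part of the original slides: a small in-memory model of the parity technique and the RAID-5 layout described above (block-level striping with distributed parity). It shows parity as an XOR over each stripe's data blocks, the rebuild of one failed disk, and why a second failure cannot be recovered; the 4-byte block size, the parity rotation order and the sample record are assumptions chosen for illustration.

```python
"""RAID-5 style striping with distributed XOR parity (in-memory teaching model)."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy value (the slides use a 16 kiB stripe)
SAMPLE = b"LEDGER 2024-Q4: constructed sample accounting record"  # constructed input


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_position(stripe_no, n_disks):
    """Disk index holding parity for a stripe; it rotates so no disk is dedicated."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks: each stripe is n_disks-1 data blocks plus 1 parity.

    Returns a list of disks, each a list of blocks.
    """
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the final stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        # Parity is computed from the data blocks, then slotted into its disk.
        blocks.insert(parity_position(stripe_no, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def rebuild(disks, failed):
    """Recompute every block of the one failed disk (marked None) from survivors."""
    missing = [i for i, disk in enumerate(disks) if disk is None]
    if missing != [failed]:
        raise RuntimeError("single parity tolerates exactly one failed disk")
    survivors = [disk for disk in disks if disk is not None]
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether that block held data or parity.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(disks, length):
    """Reassemble data blocks in order, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no, stripe in enumerate(zip(*disks)):
        skip = parity_position(stripe_no, n_disks)
        out += b"".join(b for i, b in enumerate(stripe) if i != skip)
    return bytes(out[:length])


def usable_capacity(drive_sizes):
    """Array capacity as on the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def demo():
    """Write a record to 4 disks, lose disk 2, rebuild it, and read the data back."""
    disks = write_array(SAMPLE, n_disks=4)
    lost = disks[2]
    disks[2] = None                       # simulate a single drive failure
    disks[2] = rebuild(disks, failed=2)   # reconstruct from the three survivors
    assert disks[2] == lost
    return read_array(disks, len(SAMPLE))


if __name__ == "__main__":
    print(demo())
    print("usable capacity (GB):", usable_capacity([500, 500, 250, 500]))
```
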
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as the cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 25
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values (column alignment not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization’s employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
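The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): a Python sketch of block-level striping with rotating XOR parity, rebuilding one failed disk from the survivors, a parity scrub, and the slide's capacity formula. The function names, the parity rotation order and the constructed 100 KiB sample are assumptions made for illustration; real controllers use their own layouts.

```python
"""RAID-5 sketch: block-level striping with rotating XOR parity (added example)."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe unit, matching the slide's illustration

# Constructed sample "file" of 100 KiB (not real data).
SAMPLE = bytes((i * 31 + 7) % 256 for i in range(100 * 1024))


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe_no, n_disks):
    """Disk holding parity for a stripe. Assumed rotation; controllers differ."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = unit * (n_disks - 1)
    padded = data + b"\0" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        data_blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk_no in range(n_disks):
            is_parity = disk_no == parity_disk(stripe_no, n_disks)
            disks[disk_no].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        skip = parity_disk(stripe_no, len(disks))
        for disk_no, disk in enumerate(disks):
            if disk_no != skip:
                out += disk[stripe_no]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk as the XOR of the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def scrub(disks):
    """Return stripe numbers whose blocks do not XOR to zero (parity mismatch)."""
    return [n for n, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4)
    print("stripes:", len(array[0]))
    print("parity on disks:", [parity_disk(s, 4) for s in range(len(array[0]))])
    lost = array[2]
    array[2] = rebuild_disk(array, failed=2)
    print("disk 2 rebuilt correctly:", array[2] == lost)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A scrub mismatch shows that a stripe is inconsistent but not which disk holds the bad block, and single parity can rebuild only one failed disk at a time.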
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
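The striping and parity slides above, worked through as an added example that is not part of the original deck: a toy four-disk RAID-5 array with a 16 KiB stripe unit stores the 4, 20, 100 and 500 KiB files, survives one disk failure, is rebuilt, and then refuses to read after a second failure. The class, its method names, the parity rotation order and the sample data are assumptions made for illustration; `usable_capacity` implements the slides' array capacity formula, with `parity_drives=2` giving the RAID-6 case.

```python
"""Toy RAID-5 array: block-level striping with distributed XOR parity."""

CHUNK = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length byte strings; this is the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    def __init__(self, n_disks, chunk=CHUNK):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 disks")
        self.n, self.chunk, self.rows = n_disks, chunk, 0
        # One list of chunks per disk; None marks a failed disk.
        self.disks = [[] for _ in range(n_disks)]

    def parity_disk(self, row):
        """Parity moves to a different disk on each row (assumed rotation)."""
        return (self.n - 1 - row) % self.n

    def write(self, data):
        """Append data in full stripe rows (zero-padded); healthy array only."""
        if any(d is None for d in self.disks):
            raise IOError("array is degraded; rebuild before writing")
        per_row = self.chunk * (self.n - 1)
        data += bytes(-len(data) % per_row)
        for off in range(0, len(data), per_row):
            chunks = [data[off + i * self.chunk: off + (i + 1) * self.chunk]
                      for i in range(self.n - 1)]
            source = iter(chunks)
            p = self.parity_disk(self.rows)
            for d in range(self.n):
                self.disks[d].append(xor_blocks(chunks) if d == p else next(source))
            self.rows += 1

    def fail(self, d):
        """Simulate the loss of disk d."""
        self.disks[d] = None

    def chunk_at(self, d, row):
        """Return a chunk, recomputing it from the survivors if disk d is lost."""
        if self.disks[d] is not None:
            return self.disks[d][row]
        others = [self.disks[o] for o in range(self.n) if o != d]
        if any(o is None for o in others):
            raise IOError("more than one disk lost: RAID-5 cannot reconstruct")
        return xor_blocks([o[row] for o in others])

    def read(self, length):
        """Read back the first `length` bytes, skipping the parity chunks."""
        out = bytearray()
        for row in range(self.rows):
            p = self.parity_disk(row)
            for d in range(self.n):
                if d != p:
                    out += self.chunk_at(d, row)
        return bytes(out[:length])

    def rebuild(self, d):
        """Fill a replacement for failed disk d from the surviving disks."""
        self.disks[d] = [self.chunk_at(d, row) for row in range(self.rows)]


def demo():
    # Constructed sample data standing in for the 4, 20, 100 and 500 KiB files.
    total = (4 + 20 + 100 + 500) * 1024
    data = bytes((i * 131 + 17) % 251 for i in range(total))
    array = Raid5(4)
    array.write(data)
    array.fail(2)                              # first failure: still readable
    degraded_ok = array.read(total) == data
    array.rebuild(2)                           # replacement disk filled in
    array.fail(0)                              # reads now depend on rebuilt disk 2
    rebuilt_ok = array.read(total) == data
    array.fail(1)                              # second concurrent failure
    try:
        array.read(total)
        double_failure = "readable"
    except IOError as exc:
        double_failure = str(exc)
    return array.rows, degraded_ok, rebuilt_ok, double_failure


if __name__ == "__main__":
    print(demo())
    print(usable_capacity([500, 500, 500, 500]))
```

The array tolerates exactly one lost disk at a time, which is why the deck's backup and off-site storage controls still apply to RAID-protected data.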
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 27
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
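The recovery priorities above follow from the Outage Impact & Allowable Outage Times slide: a resource inherits the tightest allowable outage of any function that depends on it, and that limit sets its priority. The sketch below is an added example, not part of the original slides; the tier cut-offs, the shared hub/cabling/power dependencies of e-mail and printing, and the restore-time estimates are assumptions constructed for illustration.

```python
"""Business impact analysis worked through: allowable outage -> recovery priority."""
from math import inf

HOURS_PER_DAY = 24

# Allowable outage per business function, in hours (values from the slides).
ALLOWABLE_OUTAGE_HOURS = {
    "access inventory system": 8,
    "send e-mail": 2 * HOURS_PER_DAY,
    "produce inventory reports": 4 * HOURS_PER_DAY,
}

# Resources each function needs. The inventory-system list follows the slides;
# the hub, cabling and power dependencies of e-mail and printing are assumed.
DEPENDS_ON = {
    "access inventory system": [
        "Authentication Server", "Database Server", "5 Desktop Computers",
        "1 Hub", "Network Cabling", "Electric Power",
    ],
    "send e-mail": ["E-mail Server", "1 Hub", "Network Cabling", "Electric Power"],
    "produce inventory reports": ["Printer", "1 Hub", "Network Cabling", "Electric Power"],
}

# Full inventory, including equipment that no listed function depends on.
INVENTORY = [
    "Authentication Server", "Database Server", "5 Desktop Computers", "1 Hub",
    "Network Cabling", "Electric Power", "E-mail Server", "Printer",
    "Remaining Desktop Computers (45)", "Remaining Hub (5)",
]

# Tier cut-offs are assumptions for this example, not values from the slides.
HIGH_MAX_HOURS = 8
MEDIUM_MAX_HOURS = 4 * HOURS_PER_DAY

# Constructed restore-time estimates (hours) for a chosen recovery strategy.
# "Network Cabling" is deliberately left out to show the missing-estimate case.
PLANNED_RESTORE_HOURS = {
    "Authentication Server": 4, "Database Server": 12, "5 Desktop Computers": 6,
    "1 Hub": 2, "Electric Power": 1, "E-mail Server": 24, "Printer": 72,
}


def resource_outage_limits(allowable, depends_on, inventory):
    """Give each resource the tightest allowable outage of the functions it supports."""
    limits = {resource: inf for resource in inventory}
    for function, resources in depends_on.items():
        for resource in resources:
            if resource not in limits:
                raise ValueError(f"{resource!r} is not in the asset inventory")
            limits[resource] = min(limits[resource], allowable[function])
    return limits


def priority(limit_hours):
    """Map an allowable outage to a recovery priority tier."""
    if limit_hours <= HIGH_MAX_HOURS:
        return "High"
    if limit_hours <= MEDIUM_MAX_HOURS:
        return "Medium"
    return "Low"


def recovery_plan(limits):
    """Return (resource, limit, priority) rows, tightest limit first."""
    ordered = sorted(limits.items(), key=lambda item: (item[1], item[0]))
    return [(resource, hours, priority(hours)) for resource, hours in ordered]


def strategy_gaps(limits, planned_restore_hours):
    """List resources whose planned restore time is missing or too slow."""
    gaps = {}
    for resource, limit in limits.items():
        if limit == inf:
            continue  # nothing critical depends on it, so no deadline to miss
        planned = planned_restore_hours.get(resource)
        if planned is None:
            gaps[resource] = "no restore estimate"
        elif planned > limit:
            gaps[resource] = f"planned {planned}h exceeds allowable {limit}h"
    return gaps


if __name__ == "__main__":
    limits = resource_outage_limits(ALLOWABLE_OUTAGE_HOURS, DEPENDS_ON, INVENTORY)
    for resource, hours, tier in recovery_plan(limits):
        print(f"{tier:<6} {resource} (allowable outage: {hours} h)")
    for resource, problem in strategy_gaps(limits, PLANNED_RESTORE_HOURS).items():
        print(f"GAP    {resource}: {problem}")
```

A gap reported here means the chosen recovery strategy cannot meet the outage time the business impact analysis allows, so either the strategy or the stated tolerance has to change.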
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
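The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): block-level striping with rotating XOR parity, rebuilding one lost disk from the survivors, plus the array-capacity formulas quoted on the RAID level slides. All function names and the sample data are assumptions made for this illustration.

```python
"""RAID-5 style striping with rotating XOR parity (added teaching example)."""


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        if len(blk) != len(out):
            raise ValueError("all blocks in a stripe must be the same size")
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)


def parity_disk(stripe, n_disks):
    """Distributed parity: the parity block moves to a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Split data into stripes; return one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        data_iter = iter(chunks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_iter))
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) by XOR-ing the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks([d[s] for d in survivors])
               for s in range(len(survivors[0]))]
    repaired = list(disks)
    repaired[failed[0]] = rebuilt
    return repaired


def raid5_read(disks, length):
    """Reassemble the data blocks in stripe order, skipping parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # striping only, no redundancy
    if level == 1 and n == 2:
        return smallest                # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual parity
    raise ValueError("unsupported level or too few drives for that level")


if __name__ == "__main__":
    payload = b"constructed ledger rows 0001-0042"   # constructed sample data
    array = raid5_write(payload, n_disks=4, block_size=4)
    array[2] = None                                  # simulate one drive failure
    print(raid5_read(raid5_rebuild(array), len(payload)))
```

Marking two disks as `None` makes `raid5_rebuild` raise, which is the practical limit of single parity and the reason the RAID-6 slide lists dual distributed parity.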
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
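One way to put the outage table above to work, as an added example that is not part of the original deck: derive a recovery order from the allowable outage times and check the results of a recovery test against them. The table rows come from the slide; the measured recovery times and all function names are constructed for the illustration.

```python
"""Turn the BIA outage table into a recovery order and a test-result check."""
import re
from datetime import timedelta

# Rows from the "Outage Impact & Allowable Outage Times" slide.
BIA = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]


def parse_outage(text):
    """Parse '8 hours' / '2 days' into a timedelta; reject anything else."""
    m = re.fullmatch(r"\s*(\d+)\s*(hours?|days?)\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised outage time: {text!r}")
    amount, unit = int(m.group(1)), m.group(2).lower()
    return timedelta(hours=amount) if unit.startswith("hour") else timedelta(days=amount)


def recovery_order(bia):
    """Shortest allowable outage first; ties keep their order in the table."""
    return sorted(bia, key=lambda row: parse_outage(row[2]))


def evaluate_test(bia, measured):
    """Compare measured recovery times with the allowable outage times.

    Returns (resource, status, overrun) for every resource that either took
    longer than allowed or was never exercised in the test.
    """
    findings = []
    for resource, _impact, allowed_text in bia:
        allowed = parse_outage(allowed_text)
        if resource not in measured:
            findings.append((resource, "NOT TESTED", None))
        elif measured[resource] > allowed:
            findings.append((resource, "EXCEEDED", measured[resource] - allowed))
    return findings


# Constructed results from a hypothetical recovery test.
MEASURED = {
    "Authentication Server": timedelta(hours=3),
    "Database Server": timedelta(hours=11),
    "E-mail Server": timedelta(days=1),
    "5 Desktop Computers": timedelta(hours=6),
    "Hub": timedelta(hours=2),
    "Network Cabling": timedelta(hours=8),   # exactly on the limit: passes
    "Electric Power": timedelta(hours=1),
    # "Printer" deliberately left out: it was not part of the test.
}

if __name__ == "__main__":
    for resource, _impact, allowed in recovery_order(BIA):
        print(f"{allowed:>8}  {resource}")
    for finding in evaluate_test(BIA, MEASURED):
        print(finding)
```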
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
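The parity technique and the array-capacity rules from the RAID level slides, worked through as an added example that is not part of the original deck. The parity rotation, the function names and the sample data are assumptions made for illustration, not any specific controller's layout.

```python
from functools import reduce

# level: (minimum drives, drives' worth of space used for parity), per the slides
RAID_RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Illustrative rotation: parity moves one drive to the left per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block_size):
    """Block-level striping with distributed parity.

    Returns a list of drives; each drive is a list of blocks (bytes).
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    # Zero-pad the tail so the last stripe is full (constructed padding).
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity_at = parity_drive_for(stripe, n_drives)
        data_iter = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == parity_at else next(data_iter))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the survivors.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe is zero. With two drives missing this no longer holds,
    which is why single parity tolerates exactly one failure.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length, block_size):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        parity_at = parity_drive_for(stripe, n)
        for d in range(n):
            if d != parity_at:
                out += drives[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity as quoted on the slides.

    RAID-1 uses exactly 2 disks (50% efficiency). For RAID-0 with unequal
    drives, smallest drive * count is an assumption; the slide only gives
    100% for identical drives.
    """
    n = len(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 hard disks")
        return min(drive_sizes)
    min_drives, parity_drives = RAID_RULES[level]
    if n < min_drives:
        raise ValueError(f"RAID-{level} needs at least {min_drives} hard disks")
    return min(drive_sizes) * (n - parity_drives)


if __name__ == "__main__":
    sample = b"constructed ledger data for the DR drill"  # constructed input
    array = write_raid5(sample, n_drives=4, block_size=4)
    array[2] = rebuild_drive(array, failed=2)  # simulate losing drive 2
    print(read_raid5(array, len(sample), 4))
    print(usable_capacity(5, [500, 500, 500, 500]))
```
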
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 29
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                               Allowable Outage Time
Authentication Server  User could not access Inventory System      8 hours
Database Server        User could not access Inventory System      8 hours
E-mail Server          User could not send e-mail                  2 days
5 Desktop Computers    User could not access Inventory System      8 hours
Hub                    User could not access Inventory System      8 hours
Network Cabling        User could not access Inventory System      8 hours
Electric Power         User could not access Inventory System      8 hours
Printer                User could not produce Inventory Reports    4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization
to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
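The parity calculation and the array-capacity rules from the RAID slides above, worked through as an added example that is not part of the original slides. It builds a small RAID-5 style layout in memory, rebuilds one failed disk from the survivors, and refuses a second failure; the function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Added example: XOR parity and usable capacity for the RAID levels above."""
from functools import reduce

# Minimum disk counts and redundancy overhead as stated on the slides.
MIN_DISKS = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}
REDUNDANT_DISKS = {"0": 0, "3": 1, "4": 1, "5": 1, "6": 2}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundant drives)."""
    n = len(drive_sizes)
    if n < MIN_DISKS[level] or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disk(s)")
    if level == "1":                      # mirroring: 50% storage efficiency
        return min(drive_sizes)
    return min(drive_sizes) * (n - REDUNDANT_DISKS[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Disk that holds parity for a stripe row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def build_raid5(data, n_disks, stripe):
    """Block-level striping with distributed parity: one parity block per row."""
    if n_disks < MIN_DISKS["5"]:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_row = stripe * (n_disks - 1)             # data bytes carried by one row
    data = data + bytes(-len(data) % per_row)    # zero-pad the final row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(data), per_row)):
        chunks = [data[offset + i * stripe: offset + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(row, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def rebuild_missing(disks):
    """Recompute the single failed disk (marked None) from the surviving disks."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity recovers exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    # XOR of every surviving block in a row yields the lost block, whether the
    # lost block held data or parity.
    return missing[0], [xor_blocks(row) for row in zip(*survivors)]


def read_data(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n):
            if disk != parity_disk_for(row, n):
                out += disks[disk][row]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = bytes(range(256)) * 2               # constructed sample data
    array = build_raid5(sample, n_disks=4, stripe=16)
    original = array[2]
    array[2] = None                              # simulate one failed drive
    index, blocks = rebuild_missing(array)
    array[index] = blocks
    print("disk rebuilt correctly:", blocks == original)
    print("data intact:", read_data(array, len(sample)) == sample)
    for level in ("0", "5", "6"):
        print(f"RAID-{level}, 4 x 500 GB usable:", usable_capacity(level, [500] * 4))
```
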
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
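The parity technique and the capacity figures on the RAID slides can be checked with a short simulation. The Python below is an added example, not part of the original deck: it stripes constructed data in blocks with rotating XOR parity (RAID-5 style), rebuilds a failed disk from the survivors, and applies the slides' capacity formulas. The function names, the parity rotation order and the sample data are assumptions.

```python
from functools import reduce

# Constructed sample data standing in for application records.
SAMPLE = b"constructed ledger rows: " + bytes(range(256))


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; the result is the parity block."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks: each stripe has n_disks-1 data blocks and 1 parity block.

    The parity block moves to a different disk on every stripe (distributed parity).
    Returns a list of disks, each disk being a list of blocks.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        parity_disk = (n_disks - 1 - s) % n_disks  # assumed rotation order
        data_iter = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Read the data back; a disk set to None is treated as failed and rebuilt."""
    n = len(disks)
    missing = [i for i, d in enumerate(disks) if d is None]
    if missing:
        disks = list(disks)
        disks[missing[0]] = rebuild_disk(disks, missing[0])
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n - 1 - s) % n
        for d in range(n):
            if d != parity_disk:  # skip the parity block of this stripe
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * number of data-bearing drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    # level -> (minimum disks, drives' worth of usable space)
    # RAID-0 with unequal drives is assumed to use the smallest drive's size on each.
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}
    if level not in rules:
        raise ValueError("level not covered by this example")
    min_disks, data_disks = rules[level]
    if n < min_disks or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    return smallest * data_disks


if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, block_size=16)
    array[2] = None  # simulate the loss of one drive
    print("recovered intact:", read_raid5(array, len(SAMPLE)) == SAMPLE)
    for lvl in (0, 5, 6):
        print("RAID-%d usable GB of 4 x 500:" % lvl, usable_capacity(lvl, [500] * 4))
```

Losing a second disk before the rebuild completes raises an error here, which is the failure mode that RAID-6's second parity block is meant to cover.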
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele. Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 31
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
Logical
•
•
•
•
Data
Information
Software
Documentation
•
•
•
•
•
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
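The parity technique and the capacity formulas from the RAID level slides above, worked through as an added example that is not part of the original slides: block striping with rotating XOR parity as RAID-5 uses it, rebuilding one failed disk from the survivors, and the failure case where two disks are lost. The function names, the parity rotation order, the 16-byte stripe size and the sample data are assumptions made for illustration; real controllers differ in layout, and RAID-6 needs a second, independent parity calculation that is not shown here.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches the RAID-3/4/5 slides, parity_drives=2 the RAID-6 slide.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block sits on a different disk each row.
    The rotation order used here is an assumption, not a specific product's."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, stripe_size):
    """Stripe data across n_disks; each row holds n_disks-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    row_bytes = stripe_size * (n_disks - 1)
    padded = data + bytes(-len(data) % row_bytes)  # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe_size:start + (i + 1) * stripe_size]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        parity_at = parity_disk_for(row, n_disks)
        for disk in range(n_disks):
            block = xor_blocks(chunks) if disk == parity_at else next(data_blocks)
            disks[disk].append(block)
    return disks


def rebuild(disks):
    """Recover a failed disk (marked None) by XOR-ing the surviving disks row by row."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    if not missing:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    recovered = [xor_blocks(row) for row in zip(*survivors)]
    return [recovered if d is None else d for d in disks]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each row's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_at = parity_disk_for(row, n_disks)
        for disk in range(n_disks):
            if disk != parity_at:
                out += disks[disk][row]
    return bytes(out[:length])


# Constructed sample data: 100 bytes of a simple repeating pattern.
SAMPLE = bytes((i * 7 + 3) % 256 for i in range(100))

if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, stripe_size=16)
    degraded = list(array)
    degraded[2] = None                      # simulate loss of one disk
    restored = rebuild(degraded)
    print("data intact after rebuild:", read_raid5(restored, len(SAMPLE)) == SAMPLE)
    print("usable capacity, 4 x 500 GB, RAID-5:", usable_capacity([500] * 4))
```

Because every row XORs to zero across all disks, any single missing block equals the XOR of the others; that is why one disk can fail without data loss and a second failure cannot be recovered.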
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 32
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
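An auditor's cross-check of the "Outage Impact & Allowable Outage Times" slide against the recovery priorities above, added here as an illustration and not part of the original deck. The function names, the High/Medium/Low ordering, the treatment of "1 Hub" as the BIA's "Hub", and the measured restore times are assumptions made for the example.

```python
"""Cross-check a BIA outage table against recovery priorities and DR test timings."""

# Assumed ordering: a lower rank is recovered earlier.
PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}

# Allowable outage times in hours, taken from the BIA slide (2 days = 48, 4 days = 96).
ALLOWABLE_OUTAGE_HOURS = {
    "Authentication Server": 8,
    "Database Server": 8,
    "E-mail Server": 48,
    "5 Desktop Computers": 8,
    "Hub": 8,
    "Network Cabling": 8,
    "Electric Power": 8,
    "Printer": 96,
}

# Priorities from the "Develop Recovery Priorities" slide.
RECOVERY_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "Hub": "High",  # listed as "1 Hub"; assumed to be the BIA's "Hub"
    "E-mail Server": "Medium",
    "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low",
    "Remaining Hub (5)": "Low",
}


def coverage_gaps(outage, priority):
    """Resources that appear in one table but not in the other."""
    return {
        "no_priority": sorted(set(outage) - set(priority)),
        "no_outage_time": sorted(set(priority) - set(outage)),
    }


def priority_inversions(outage, priority):
    """Pairs (a, b) where a tolerates less downtime than b yet is recovered later."""
    common = sorted(set(outage) & set(priority))
    found = []
    for a in common:
        for b in common:
            tighter = outage[a] < outage[b]
            later = PRIORITY_RANK[priority[a]] > PRIORITY_RANK[priority[b]]
            if tighter and later:
                found.append((a, b))
    return found


def missed_objectives(outage, measured_restore_hours):
    """Resources whose restore time in a plan test exceeded the allowable outage."""
    return sorted(
        name
        for name, hours in measured_restore_hours.items()
        if name in outage and hours > outage[name]
    )


if __name__ == "__main__":
    gaps = coverage_gaps(ALLOWABLE_OUTAGE_HOURS, RECOVERY_PRIORITY)
    print("In BIA but not prioritized:", gaps["no_priority"])
    print("Prioritized but not in BIA:", gaps["no_outage_time"])
    print("Inversions:", priority_inversions(ALLOWABLE_OUTAGE_HOURS, RECOVERY_PRIORITY))

    # Constructed restore timings from a hypothetical plan test, in hours.
    test_run = {"Database Server": 11.5, "E-mail Server": 30, "Printer": 96}
    print("Missed objectives:", missed_objectives(ALLOWABLE_OUTAGE_HOURS, test_run))
```

Run against the two slides, the check reports that Network Cabling and Electric Power carry an 8-hour allowable outage but have no recovery priority assigned.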
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is
20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
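The parity technique and the array capacity formulas on the RAID level slides above can be checked with a small model. The following Python code is an added example, not part of the original slides: it stripes a constructed byte string RAID-5 style with rotating XOR parity, rebuilds any single failed disk from the survivors, and applies the slide capacity formulas. The function names, the 4-byte stripe unit and the sample data are assumptions made for the illustration.

```python
"""RAID-5 style striping with rotating XOR parity, plus the slide capacity formulas."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block: a constructed toy value (the slides use 16 kiB)

# Minimum disk counts and parity overhead as stated on the RAID level slides.
MIN_DISKS = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}
PARITY_DISKS = {"0": 0, "3": 1, "4": 1, "5": 1, "6": 2}


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves one disk per stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Return one list of blocks per disk; each stripe is n-1 data blocks + parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = unit * (n_disks - 1)
    padded = data + b"\0" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of ONE failed disk by XOR-ing the surviving disks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    if level not in MIN_DISKS:
        raise ValueError(f"RAID level {level!r} is not modelled here")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DISKS[level] or (level == "1" and n != 2):
        raise ValueError(f"wrong number of disks for RAID-{level}")
    if level == "1":
        return smallest  # mirroring: 50% storage efficiency on a pair
    # RAID-0 with mixed drive sizes is treated as smallest * n (assumption;
    # the slide only states 100% efficiency for identical drives).
    return smallest * (n - PARITY_DISKS[level])


if __name__ == "__main__":
    sample = b"constructed ledger batch #0042"  # constructed sample data
    array = raid5_write(sample, n_disks=4)
    lost = 2  # simulate losing one disk
    array[lost] = raid5_rebuild(array, lost)
    print(raid5_read(array, len(sample)))
    for lvl, sizes in [("0", [500] * 4), ("1", [500] * 2),
                       ("5", [500] * 4), ("6", [500] * 4)]:
        print(f"RAID-{lvl}: {usable_capacity(lvl, sizes)} GB usable of {sum(sizes)} GB")
```

The rebuild works for exactly one missing disk per stripe; with two disks lost the XOR of the survivors no longer isolates either missing block, which is why RAID-6 carries a second, independent parity.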
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone numbers
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
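Added example (not part of the original slides): a Python sketch of the parity technique and the array-capacity formulas from the RAID slides above. It stripes a constructed sample record over a four-disk array with one dedicated parity disk (the RAID-4 layout), rebuilds a failed disk by XOR, and computes usable capacity per level; all function names and the sample data are assumptions made for illustration.

```python
from functools import reduce

# Constructed sample record; any byte string works.
SAMPLE = b"INVENTORY-DB transaction log 0001"

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {"RAID-0": 2, "RAID-1": 2, "RAID-3": 3, "RAID-4": 3,
             "RAID-5": 3, "RAID-6": 4}


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def stripe_with_parity(data, n_disks, block=4):
    """Block-level striping over n_disks-1 data disks plus one dedicated
    parity disk (RAID-4 layout). Returns one bytearray per disk."""
    if n_disks < 3:
        raise ValueError("parity striping needs at least 3 disks")
    n_data = n_disks - 1
    stripe = n_data * block
    padded = data + b"\x00" * (-len(data) % stripe)  # pad to whole stripes
    disks = [bytearray() for _ in range(n_disks)]
    for off in range(0, len(padded), stripe):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_data)]
        for disk, chunk in zip(disks, chunks):  # zip stops before parity disk
            disk += chunk
        disks[-1] += xor_blocks(chunks)         # parity block for this stripe
    return disks


def rebuild(disks, failed):
    """Recompute the content of one failed disk from all surviving disks.
    Works for a data disk or the parity disk; a second failure is fatal."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return bytearray(xor_blocks(survivors))


def parity_ok(disks):
    """Scrub check: XOR across all disks must be zero at every position.
    Detects silent corruption but cannot tell which disk is wrong."""
    return not any(xor_blocks(disks))


def read_back(disks, length, block=4):
    """Reassemble the original data from the data disks."""
    out = bytearray()
    for off in range(0, len(disks[0]), block):
        for disk in disks[:-1]:
            out += disk[off:off + block]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas given on the RAID level slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS:
        raise ValueError("unknown level: " + level)
    if n < MIN_DISKS[level] or (level == "RAID-1" and n != 2):
        raise ValueError("%s cannot be built from %d disks" % (level, n))
    if level == "RAID-0":
        return smallest * n          # striping only, no redundancy
    if level == "RAID-1":
        return smallest              # mirror: 50% storage efficiency
    if level == "RAID-6":
        return smallest * (n - 2)    # dual parity
    return smallest * (n - 1)        # RAID-3/4/5: one disk's worth of parity


if __name__ == "__main__":
    array = stripe_with_parity(SAMPLE, n_disks=4)
    lost = 1
    replacement = rebuild(array, lost)
    print("rebuilt disk matches:", replacement == array[lost])
    print("parity scrub clean:", parity_ok(array))
    for level in ("RAID-0", "RAID-5", "RAID-6"):
        print(level, usable_capacity(level, [500, 500, 500, 500]), "GB usable")
```

The scrub check is the reason parity arrays still need backups: it flags a mismatch but cannot say which disk holds the bad block.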
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Columns: Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB
in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
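The parity technique and the RAID-5 layout from the slides above (block-level striping with distributed parity, capacity = size of smallest drive * (no. of drives - 1)), worked through as an added Python example that is not part of the original deck. The 4-byte block size, the parity rotation order and the sample data are assumptions constructed for illustration; real controllers use their own layouts.

```python
from functools import reduce

BLOCK = 4  # assumption: tiny 4-byte blocks so the layout stays readable
SAMPLE = b"Ledger 2024: accounts payable batch 0042"  # constructed sample data


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes):
    """Usable RAID-5 capacity: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive(stripe, n):
    """Distributed parity: the parity block moves to another drive each stripe.
    The rotation order used here is an assumption, not a vendor layout."""
    return (n - 1 - stripe) % n


def write_raid5(data, n):
    """Stripe data over n drives; each stripe holds n-1 data blocks + 1 parity."""
    if n < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = BLOCK * (n - 1)
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")   # zero-pad the last stripe
    drives = [[] for _ in range(n)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        data_blocks = iter(blocks)
        p = parity_drive(s, n)
        for d in range(n):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return drives


def read_raid5(drives, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        p = parity_drive(s, n)
        for d in range(n):
            if d != p:
                out += drives[d][s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Single-drive recovery: every lost block is the XOR of the blocks that
    the surviving drives hold in the same stripe."""
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def scrub(drives):
    """Consistency check: XOR across a healthy stripe is all zeros. Returns the
    stripes that fail; parity shows that a stripe is damaged, not which block."""
    zero = bytes(BLOCK)
    return [s for s, stripe in enumerate(zip(*drives)) if xor_blocks(stripe) != zero]


if __name__ == "__main__":
    drives = write_raid5(SAMPLE, 4)
    for s in range(len(drives[0])):
        row = ["P:" + drives[d][s].hex() if d == parity_drive(s, 4)
               else repr(drives[d][s]) for d in range(4)]
        print(f"stripe {s}: " + " | ".join(row))
    lost = 2                                  # simulate failure of one drive
    replacement = rebuild_drive(drives, lost)
    print("rebuilt drive matches:", replacement == drives[lost])
    print("usable capacity (GB):", array_capacity([500, 500, 400, 500]))
```

Losing a second drive before the rebuild completes leaves two unknowns per stripe and only one parity equation, which is why RAID-5 complements rather than replaces the off-site backups covered earlier in the deck.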
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
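The capacity formula and the dedicated versus distributed parity layouts from the RAID-4, RAID-5 and RAID-6 slides, as an added example that is not part of the original slides: it stripes the four illustrated files over a four-disk array in 16 KiB units, drops one drive and rebuilds it from XOR parity. The function names, the file contents and the RAID-5 parity rotation order are assumptions; RAID-6 appears only in the capacity formula, because its second parity is not a plain XOR.

```python
# Added illustration (not from the slides): block striping with XOR parity.
STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size used in the slide illustrations
N_DRIVES = 4              # four-disk array used in the slide illustrations


def array_capacity(level, drive_sizes):
    """Usable capacity per the slides: smallest drive * (drives - parity drives)."""
    parity_drives, minimum = {4: (1, 3), 5: (1, 3), 6: (2, 4)}[level]
    if len(drive_sizes) < minimum:
        raise ValueError(f"RAID-{level} needs at least {minimum} drives")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def xor_units(units):
    """Byte-wise XOR of equally sized units (done on big integers for speed)."""
    acc = 0
    for unit in units:
        acc ^= int.from_bytes(unit, "big")
    return acc.to_bytes(len(units[0]), "big")


def parity_drive(stripe, n_drives, level):
    """RAID-4: one dedicated parity drive. RAID-5: parity moves every stripe."""
    if level == 4:
        return n_drives - 1
    return (n_drives - 1 - stripe) % n_drives   # rotation order is an assumption


def write_array(data, level, n_drives=N_DRIVES, unit=STRIPE_UNIT):
    """Split data into stripes of n-1 data units plus one parity unit each."""
    per_stripe = (n_drives - 1) * unit
    data = data + bytes(-len(data) % per_stripe)   # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        units = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        # Parity takes the slot of its drive; data units fill the other slots.
        units.insert(parity_drive(s, n_drives, level), xor_units(units))
        for d in range(n_drives):
            drives[d].append(units[d])
    return drives


def read_array(drives, length, level):
    """Reassemble the data by skipping the parity unit of every stripe."""
    out = bytearray()
    for s in range(len(drives[0])):
        p = parity_drive(s, len(drives), level)
        for d, drive in enumerate(drives):
            if d != p:
                out += drive[s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute each unit of the failed drive by XOR-ing the surviving units.

    This works for data and parity units alike, because the XOR of all units
    in a stripe (data plus parity) is zero.
    """
    survivors = [drive for d, drive in enumerate(drives) if d != failed]
    return [xor_units(stripe) for stripe in zip(*survivors)]


def demo(level=5, failed=1):
    """Stripe the four files from the illustration, lose a drive, rebuild it."""
    files = {"red": 4, "blue": 20, "green": 100, "magenta": 500}   # sizes in KiB
    # Constructed contents: each file is its first letter repeated.
    data = b"".join(n[:1].encode() * (kib * 1024) for n, kib in files.items())
    drives = write_array(data, level)
    original = drives[failed]
    drives[failed] = None                        # the drive is gone
    drives[failed] = rebuild_drive(drives, failed)
    return drives[failed] == original and read_array(drives, len(data), level) == data


if __name__ == "__main__":
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity(5, [500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", array_capacity(6, [500] * 4), "GB")
    print("RAID-5 rebuild of drive 1 succeeded:", demo(5, 1))
    print("RAID-4 rebuild of parity drive succeeded:", demo(4, 3))
```

A single missing drive is always recoverable this way; with two drives missing the XOR of the survivors no longer determines either one, which is the gap the dual parity of RAID-6 closes.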
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tel. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 35
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
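Added example (not part of the original slides): a check for single points of failure over a small network diagram, run once on a single-hub layout and once with redundant devices and cabling. The device names and topology are constructed for illustration, loosely following the resources named in the deck (desktops, hub, authentication server, database server).

```python
"""Find single points of failure: devices whose loss cuts a client off a service."""
from collections import deque

# Constructed sample topology: five desktops, as in the deck's resource lists.
DESKTOPS = [f"desktop-{i}" for i in range(1, 6)]


def reachable(adj, start, removed):
    """Breadth-first search from start, treating the removed device as down."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt != removed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def single_points_of_failure(links, clients, services):
    """Return {device: [services lost]} for every device that is a SPOF.

    links    -- list of (a, b) cable runs between devices
    clients  -- devices that must keep access
    services -- {service name: [devices able to provide it]}
    """
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    spofs = {}
    for device in sorted(set(adj) - set(clients)):
        for client in clients:
            seen = reachable(adj, client, device)
            lost = sorted(name for name, providers in services.items()
                          if not any(p in seen for p in providers))
            if lost:  # at least one client lost at least one service
                spofs[device] = lost
                break
    return spofs


def single_hub():
    """Every desktop hangs off one hub; one server per service."""
    links = [(d, "hub-1") for d in DESKTOPS]
    links += [("hub-1", "auth-server-1"), ("hub-1", "db-server-1")]
    services = {"authentication": ["auth-server-1"],
                "database": ["db-server-1"]}
    return links, DESKTOPS, services


def redundant():
    """Same site with a second hub, duplicate cabling and standby servers."""
    links, clients, services = single_hub()
    links += [(d, "hub-2") for d in DESKTOPS]
    links += [("hub-2", "auth-server-1"), ("hub-2", "db-server-1")]
    for standby, name in (("auth-server-2", "authentication"),
                          ("db-server-2", "database")):
        links += [("hub-1", standby), ("hub-2", standby)]
        services[name].append(standby)
    return links, clients, services


if __name__ == "__main__":
    print("single hub:", single_points_of_failure(*single_hub()))
    print("redundant :", single_points_of_failure(*redundant()))
```

Run against a real network configuration diagram, the same check shows which devices still need a redundant partner before the plan can claim no single point of failure.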
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
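Added example (not part of the original slides): a small model of the parity and RAID-5 slides above, striping a file in 16 KiB units across four disks, then rebuilding one failed disk from the survivors. XOR as the parity function and the row-by-row rotation of the parity block are assumptions of this sketch; the sample files are constructed to match the four sizes named in the illustrations.

```python
"""RAID-5 style block striping with distributed parity (illustrative model)."""
from functools import reduce

STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size, as in the slide illustrations
N_DISKS = 4               # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Parity = byte-wise XOR of equal-length blocks (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk_for(row, n_disks):
    """Rotate the parity block across the disks row by row (assumed layout)."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Return a list of disks; each disk is a list of blocks, one per stripe row."""
    per_row = n_disks - 1
    row_bytes = unit * per_row
    # Pad with zero bytes so the data fills whole stripe rows.
    padded = data.ljust(-(-len(data) // row_bytes) * row_bytes, b"\0")
    chunks = [padded[i:i + unit] for i in range(0, len(padded), unit)]
    disks = [[] for _ in range(n_disks)]
    for row in range(len(chunks) // per_row):
        row_chunks = chunks[row * per_row:(row + 1) * per_row]
        parity = xor_blocks(row_chunks)
        data_blocks = iter(row_chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates only one failed disk")
    # XOR of all surviving blocks in a row yields the missing block,
    # whether that block held data or parity.
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        skip = parity_disk_for(row, n_disks)
        out += b"".join(disks[d][row] for d in range(n_disks) if d != skip)
    return bytes(out[:length])


def demo(lost=2):
    """Write each sample file, fail one disk, rebuild it and verify the data."""
    results = {}
    # Constructed sample files: the four sizes named in the illustrations.
    for name, kib in [("red", 4), ("blue", 20), ("green", 100), ("magenta", 500)]:
        data = bytes((i * 31 + kib) % 256 for i in range(kib * 1024))
        disks = write_raid5(data)
        damaged = [None if i == lost else d for i, d in enumerate(disks)]
        damaged[lost] = rebuild_disk(damaged, lost)
        results[name] = (len(disks[0]), read_raid5(damaged, len(data)) == data)
    return results


if __name__ == "__main__":
    print(demo())                        # stripe rows used, data intact?
    print(array_capacity([500] * 4))     # four 500 GB drives
```

Losing a second disk before the rebuild finishes makes `rebuild_disk` raise, which is the single-failure limit behind the "Fault tolerance good" rating for single-parity levels.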
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                              Allowable Outage Time
Authentication Server  User could not access Inventory System     8 hours
Database Server        User could not access Inventory System     8 hours
E-mail Server          User could not send e-mail                 2 days
5 Desktop Computers    User could not access Inventory System     8 hours
Hub                    User could not access Inventory System     8 hours
Network Cabling        User could not access Inventory System     8 hours
Electric Power         User could not access Inventory System     8 hours
Printer                User could not produce Inventory Reports   4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)   Likelihood of Threat Occurrence (B)   Vulnerability (C)   Measure of Risk (D = A+B+C)   Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High   Moderate   Very High   Low   Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to an individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
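Added example (Python, not part of the original slides): the parity and block-level striping ideas above, carried through to a RAID-5 write, a single-drive rebuild, and the capacity rules quoted on the RAID level slides. The function names, the parity rotation order and the constructed 100 KiB sample file are assumptions made for illustration.

```python
"""RAID-5 sketch: block-level striping with rotating XOR parity (added example)."""
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length byte blocks together: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_write(data, n_disks, stripe=STRIPE):
    """Stripe data over n_disks, placing one parity block in every stripe row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [bytearray() for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks  # assumed rotation order
        data_chunks = iter(chunks)
        for d in range(n_disks):
            disks[d] += xor_blocks(chunks) if d == parity_disk else next(data_chunks)
    return disks


def raid5_read(disks, length, stripe=STRIPE):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0]) // stripe):
        parity_disk = (n - 1 - row) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][row * stripe:(row + 1) * stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute a failed drive (marked None) as the XOR of all surviving drives."""
    survivors = [bytes(d) for i, d in enumerate(disks)
                 if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity cannot recover more than one failed drive")
    return bytearray(xor_blocks(survivors))


def usable_capacity(level, drive_sizes):
    """Usable capacity per the slides' rules, in the same unit as drive_sizes."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}  # minimum disks per level
    if level not in minimum or n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("unsupported level or wrong number of drives")
    if level == 0:
        return smallest * n   # striping only, no redundancy
    if level == 1:
        return smallest       # mirrored pair: 50% storage efficiency
    return smallest * (n - (2 if level == 6 else 1))


if __name__ == "__main__":
    sample = bytes(i % 251 for i in range(100 * 1024))  # constructed 100 KiB file
    array = raid5_write(sample, 4)
    lost = array[2]
    array[2] = None                                     # simulate a failed drive
    array[2] = raid5_rebuild(array, failed=2)
    print("rebuilt drive matches:", array[2] == lost)
    print("file intact:", raid5_read(array, len(sample)) == sample)
    print("usable GB, 4 x 500 GB RAID-5:", usable_capacity(5, [500] * 4))
```

A second simultaneous failure leaves too few survivors for single parity, which is the case the RAID-6 dual parity on the following slide addresses.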
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 37
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
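A drill-result check built on the table above, as an added example that is not part of the original slides: it orders resources by allowable outage time and reports, per resource and per business impact, where a recovery drill missed the allowance or left it unverified. The drill figures and all function names are constructed for illustration.

```python
import re

# Rows of the slide's table: (resource, outage impact, allowable outage time).
BIA_TABLE = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]

# Constructed drill log: hours after the outage at which each resource was back.
# The Hub was not exercised in this (hypothetical) drill.
DRILL_HOURS = {
    "Authentication Server": 3,
    "Database Server": 6,
    "E-mail Server": 30,
    "5 Desktop Computers": 2,
    "Network Cabling": 5,
    "Electric Power": 4,
    "Printer": 100,
}

_UNIT_HOURS = {"hour": 1, "day": 24}


def to_hours(text):
    """Convert '8 hours' or '2 days' to a number of hours."""
    m = re.fullmatch(r"\s*(\d+)\s*(hour|day)s?\s*", text.lower())
    if m is None:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(m.group(1)) * _UNIT_HOURS[m.group(2)]


def recovery_order(table):
    """Resources sorted by allowable outage time; ties keep table order."""
    return [row[0] for row in sorted(table, key=lambda row: to_hours(row[2]))]


def audit_drill(table, measured):
    """Return (resource_gaps, impact_gaps) for one drill.

    resource_gaps: resource -> reason (missed allowance or not tested).
    impact_gaps:   impact -> (hours until every supporting resource was back,
                   tightest allowance); hours is None when any supporting
                   resource was untested, so the impact cannot be signed off.
    """
    resource_gaps = {}
    impacts = {}  # impact -> [tightest limit, slowest restore, any untested]
    for resource, impact, allowed in table:
        limit = to_hours(allowed)
        took = measured.get(resource)
        if took is None:
            resource_gaps[resource] = "not tested"
        elif took > limit:
            resource_gaps[resource] = f"restored in {took}h, allowed {limit}h"
        state = impacts.setdefault(impact, [limit, 0, False])
        state[0] = min(state[0], limit)
        if took is None:
            state[2] = True
        else:
            state[1] = max(state[1], took)

    impact_gaps = {}
    for impact, (limit, slowest, untested) in impacts.items():
        if untested:
            impact_gaps[impact] = (None, limit)
        elif slowest > limit:
            impact_gaps[impact] = (slowest, limit)
    return resource_gaps, impact_gaps


if __name__ == "__main__":
    print(recovery_order(BIA_TABLE))
    print(audit_drill(BIA_TABLE, DRILL_HOURS))
```

Because five other resources share the Hub's outage impact, one untested resource leaves Inventory System access unverified even though both servers came back well inside 8 hours.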
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats,
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 but not popular as cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Diagram labels: Threats, Controls, Vulnerabilities, Risks, Security Arrangements, Assets, Asset Value, Potential Impact on Business
Risk Analysis
A pre-requisite to complete and meaningful DRP program
It is assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and assessing their likelihood
Identifying vulnerabilities and assessing how easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the controls in place
Risk Management
The process of identifying, controlling and minimizing or eliminating risks that may affect information systems for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total security
There will always be a residual risk
What degree of residual risk is acceptable to the organization?
Risk Management
Defining an acceptable level of residual risk
Constantly reviewing threats and vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an organization directly assigns value and hence for which the organization requires protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Table columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
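The parity and RAID-5 slides above, as an added worked example (not part of the original slides): an in-memory Python model of block-level striping with distributed parity, showing that XOR over the surviving blocks rebuilds one failed disk and that a second failure is not recoverable. The function names, the parity rotation order and the sample payload are assumptions made for this illustration.

```python
"""In-memory model of RAID-5: block-level striping with distributed XOR parity."""
from functools import reduce

# Constructed sample payload (not from the slides).
SAMPLE = b"2024-03 ledger: INV-0001 1200.00; INV-0002 845.50; INV-0003 99.99"


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_stripes(data, n_disks, block_size):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block.

    Returns a list of disks; each disk is a list holding one block per stripe.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def read_data(disks, length):
    """Reassemble the payload by reading data blocks and skipping parity blocks."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Rebuild a failed disk: each lost block is the XOR of the survivors in its stripe.

    A lost disk is represented by None. Single parity tolerates one loss only.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("two disks lost: single parity cannot recover the data")
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


if __name__ == "__main__":
    disks = write_stripes(SAMPLE, n_disks=4, block_size=4)
    damaged = list(disks)
    damaged[2] = None                      # simulate failure of disk 2
    damaged[2] = rebuild_disk(damaged, 2)  # rebuild onto a replacement disk
    print("payload intact after rebuild:", read_data(damaged, len(SAMPLE)) == SAMPLE)
    print("usable capacity, 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

The RAID-6 capacity given on the next slide corresponds to `array_capacity(sizes, parity_drives=2)`; the second parity computation itself is not modelled here.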
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as the cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 39
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 40
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
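The parity and striping definitions above, and the array-capacity formulas given for each RAID level, worked through as an added example that is not part of the original slides. The function names, the parity rotation order, the zero padding of the last stripe and the sample data are assumptions made for illustration; the capacity rules and minimum disk counts are the ones stated on the slides.

```python
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """Parity as redundancy information: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk per stripe.
    (This particular rotation order is an assumption of the example.)"""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity.
    Returns one list of blocks per disk, one block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[offset + i * block_size: offset + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_blocks = iter(chunks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate every block of one failed disk from the surviving disks.
    XOR of the survivors in a stripe yields the missing block, whether that
    block held data or parity. The failed disk's own contents are never read."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def array_capacity(level, drive_sizes):
    """Usable capacity using the slides' formulas (smallest drive governs).
    Using the smallest drive for RAID-0 with unequal drives is an assumption."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "RAID-0":
        if n < 2:
            raise ValueError("RAID-0 needs a minimum of 2 hard disks")
        return smallest * n            # no redundancy, 100% efficiency
    if level == "RAID-1":
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest                # 50% efficiency
    if level in ("RAID-3", "RAID-4", "RAID-5"):
        if n < 3:
            raise ValueError(level + " needs a minimum of 3 hard disks")
        return smallest * (n - 1)
    if level == "RAID-6":
        if n < 4:
            raise ValueError("RAID-6 needs a minimum of 4 hard disks")
        return smallest * (n - 2)
    raise ValueError("level not covered by this example: " + level)


if __name__ == "__main__":
    sample = bytes(range(200))                    # constructed sample data
    disks = raid5_write(sample, n_disks=4, block_size=16)
    disks[2] = None                               # simulate losing one drive
    disks[2] = raid5_rebuild(disks, failed=2)     # rebuild it from the other three
    print("recovered intact:", raid5_read(disks, len(sample)) == sample)
    for level, sizes in [("RAID-0", [500] * 4), ("RAID-1", [500] * 2),
                         ("RAID-5", [500] * 4), ("RAID-6", [500] * 4)]:
        print(level, "usable capacity:", array_capacity(level, sizes))
```

A second simultaneous drive failure leaves two unknown blocks per stripe and a single XOR equation, which is why RAID-5 tolerates one lost disk and RAID-6 carries dual parity.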
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 41
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
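The parity technique and the RAID-5 layout described in the slides above, as an added worked example (not part of the original slides): data is striped in blocks over four disks with a rotating XOR parity block, one disk is lost, and its contents are recomputed from the survivors. The function names, the 4-byte stripe unit, the parity rotation order and the sample payload are assumptions made for illustration; the capacity helper applies the slides' "size of smallest drive * (no. of drives - 1)" and "(no. of drives - 2)" figures.

```python
from functools import reduce

CHUNK = 4  # bytes per stripe unit (assumed; tiny so the layout is easy to inspect)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk that holds parity for a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, chunk=CHUNK):
    """Block-level striping with distributed parity over n_disks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * chunk
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        base = s * per_stripe
        units = [data[base + i * chunk: base + (i + 1) * chunk]
                 for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        remaining = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Recompute a single failed disk (marked None) from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("RAID-5 tolerates one failed disk; %d are missing" % len(failed))
    if not failed:
        return [list(d) for d in disks]
    survivors = [d for d in disks if d is not None]
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether the missing block held data or parity.
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return [list(d) if d is not None else rebuilt for d in disks]


def raid5_read(disks, length):
    """Reassemble the original byte string, skipping the parity blocks."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives):
    """Array capacity: smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write a record, lose disk 2, rebuild it, and compare with the original."""
    record = b"ledger: constructed sample payload for the array"  # constructed data
    disks = raid5_write(record, n_disks=4)
    damaged = list(disks)
    damaged[2] = None  # simulate one failed drive
    repaired = raid5_rebuild(damaged)
    return raid5_read(repaired, len(record)) == record


if __name__ == "__main__":
    print("rebuilt after single-disk failure:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity([500] * 4, 1), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity([500] * 4, 2), "GB")
```

A second simultaneous failure raises an error in `raid5_rebuild`, which is why the slides rate RAID-5 fault tolerance as good rather than very good and why a parity array is not a substitute for the off-site backups covered earlier.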
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
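The parity technique and array-capacity formulas from the RAID slides above, as an added Python example that is not part of the original deck: block striping with rotating single parity as in RAID-5, rebuilding a failed drive by XOR, and usable capacity per level. The function names, the parity rotation order and the sample record are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_drives, unit):
    """Stripe `data` in `unit`-byte blocks over n_drives with rotating parity.

    Returns a list of drives; each drive is a list of blocks, one per stripe row.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs at least 3 drives")
    per_row = unit * (n_drives - 1)              # data bytes held by one stripe row
    padded = data + bytes(-len(data) % per_row)  # zero-pad the final row
    drives = [[] for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_drives - 1)]
        parity_drive = (n_drives - 1 - row) % n_drives  # assumed rotation order
        remaining = iter(chunks)
        for d in range(n_drives):
            block = xor_blocks(chunks) if d == parity_drive else next(remaining)
            drives[d].append(block)
    return drives


def raid5_rebuild(drives, failed):
    """Recompute every block of the failed drive from the surviving drives.

    In each row the XOR of all blocks (data and parity) is zero, so any one
    missing block, data or parity, equals the XOR of the others.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        parity_drive = (n - 1 - row) % n
        for d in range(n):
            if d != parity_drive:
                out += drives[d][row]
    return bytes(out[:length])


# level -> (minimum drives, drives' worth of space given up to parity),
# following the slides: RAID-0 none, RAID-3/4/5 one drive, RAID-6 two drives.
RAID_RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def usable_capacity(level, sizes):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    if level == 1:
        if len(sizes) != 2:
            raise ValueError("RAID-1 as described uses exactly 2 drives")
        return min(sizes)                        # 50% efficiency when identical
    min_drives, lost = RAID_RULES[level]
    if len(sizes) < min_drives:
        raise ValueError(f"RAID-{level} needs at least {min_drives} drives")
    return min(sizes) * (len(sizes) - lost)


def demo():
    # Constructed sample record, standing in for financial data on the array.
    data = b"ledger 0001: debit 1500.00 / credit 1500.00"
    drives = raid5_write(data, n_drives=4, unit=8)
    original = drives[2]
    drives[2] = None                             # simulate losing one drive
    drives[2] = raid5_rebuild(drives, failed=2)  # rebuild onto a replacement
    return drives[2] == original, raid5_read(drives, len(data)) == data


if __name__ == "__main__":
    print("rebuild matches, data intact:", demo())
    print("RAID-5, 4 drives (GB):", usable_capacity(5, [500, 500, 400, 500]))
    print("RAID-6, 4 drives (GB):", usable_capacity(6, [500, 500, 500, 500]))
```

A second simultaneous drive failure leaves two unknown blocks per row and one parity equation, which is why single parity tolerates only one lost drive and RAID-6 carries dual parity.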
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for the health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
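The PARITY slide and the array-capacity formulas on the RAID-0 to RAID-6 slides, worked through as an added example that is not part of the original deck: block-level striping with distributed parity (RAID-5 style), then rebuilding one failed disk from the survivors. Byte-wise XOR as the parity function, the function names and the sample payload are assumptions of this example; RAID-6's second parity is not implemented, only its capacity formula.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Distributed parity: the parity block moves one disk left per stripe."""
    return (n_disks - 1 - stripe) % n_disks


def build_raid5(data, n_disks, block):
    """Return n_disks lists of blocks; a stripe is n_disks-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    data = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        pending = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk(s, n_disks)
            disks[d].append(xor_blocks(blocks) if is_parity else next(pending))
    return disks


def rebuild(disks):
    """Rebuild the one disk marked None from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    repaired = list(disks)
    # XOR of every block in a stripe (data + parity) is zero, so the missing
    # block, whether data or parity, equals the XOR of the surviving blocks.
    repaired[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return repaired


def read_data(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * number of data drives.

    Using the smallest drive for RAID-0 with unequal drives is an assumption;
    the slide only states 100% efficiency for identical drives.
    """
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}  # level: (minimum disks, data drives)
    min_disks, data_drives = rules[level]
    if n < min_disks or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    return smallest * data_drives


if __name__ == "__main__":
    payload = b"constructed sample: inventory ledger rows 0001-0042"
    array = build_raid5(payload, n_disks=4, block=8)
    damaged = [None if i == 2 else d for i, d in enumerate(array)]
    print("recovered intact:", read_data(rebuild(damaged), len(payload)) == payload)
    print("RAID-5 capacity:", usable_capacity(5, [500, 500, 500, 400]))
```

Losing a second disk before the rebuild finishes leaves nothing to XOR against, which is why `rebuild` refuses that case and why the slides rate RAID-6 fault tolerance above RAID-5.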
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 44
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational
centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Tele Communication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB
in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that, as with RAID 3,
the files are evenly spread between three drives,
with the fourth containing parity information
(shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
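An added worked example (not part of the original slides): a toy Python model of RAID-5, block-level striping with distributed parity, showing how XOR parity rebuilds a single failed drive and how the slides' array-capacity formulas work out. The 4-byte block size, the parity rotation order, the function names and the sample data are assumptions made for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed (rotating) XOR parity."""

STRIPE = 4  # bytes per block; constructed toy value (the slides' figures use 16 kiB)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, b in enumerate(block):
            out[i] ^= b
    return bytes(out)


def parity_drive_for(row, n_drives):
    """Rotation rule assumed here: parity starts on the last drive and moves left."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, stripe=STRIPE):
    """Stripe data over n_drives; every row holds n-1 data blocks and 1 parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_drives - 1) * stripe
    padded = data + b"\x00" * (-len(data) % per_row)
    drives = [[] for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        pending = iter(chunks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(row, n_drives)
            drives[d].append(parity if is_parity else next(pending))
    return drives


def raid5_read(drives, length, failed=None):
    """Reassemble the data; one failed drive is rebuilt from the surviving blocks."""
    failed = set(failed or ())
    if len(failed) > 1:
        raise IOError("RAID-5 tolerates only one failed drive")
    n = len(drives)
    alive = [d for d in range(n) if d not in failed]
    out = bytearray()
    for row in range(len(drives[alive[0]])):
        blocks = {d: drives[d][row] for d in alive}
        for d in failed:
            # Data XOR parity is zero across a row, so the XOR of the
            # survivors is exactly the missing block (data or parity).
            blocks[d] = xor_blocks(list(blocks.values()))
        for d in range(n):
            if d != parity_drive_for(row, n):
                out += blocks[d]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' formulas (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # striping only, no redundancy
    if level == 1 and n == 2:
        return smallest                # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual parity
    raise ValueError("unsupported level or too few drives for that level")


if __name__ == "__main__":
    record = b"constructed sample ledger record 0001"  # constructed sample data
    array = raid5_write(record, n_drives=4)
    for lost in range(4):
        degraded = [None if i == lost else d for i, d in enumerate(array)]
        assert raid5_read(degraded, len(record), failed={lost}) == record
        print(f"drive {lost} lost: data recovered")
    print("RAID-5 usable capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

Losing a second drive leaves each row with two unknown blocks and only one parity equation, which is why `raid5_read` refuses to continue and why the slides give RAID-6 a second, independent parity block.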
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 45
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
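Added example (not part of the original slides): a check of whether a recovery sequence restores each resource within the allowable outage time from the BIA table. The 8 hours / 2 days / 4 days figures come from the slides; the restore durations, the dependencies between resources and the single recovery team are assumptions made for illustration.

```python
"""Check a recovery sequence against the BIA's allowable outage times."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: float   # from the slides' BIA table
    restore_h: float            # ASSUMED restore effort in hours
    depends_on: tuple = ()      # ASSUMED dependencies


@dataclass(frozen=True)
class Slot:
    name: str
    start_h: float
    finish_h: float
    allowable_outage_h: float


# Outage times as on the slides; durations and dependencies are constructed.
BIA = [
    Resource("Authentication Server", 8, 1.5, ("Hub",)),
    Resource("Database Server", 8, 2.0, ("Hub",)),
    Resource("E-mail Server", 48, 3.0, ("Hub",)),
    Resource("5 Desktop Computers", 8, 1.0,
             ("Authentication Server", "Database Server")),
    Resource("Hub", 8, 0.5, ("Network Cabling",)),
    Resource("Network Cabling", 8, 1.5, ("Electric Power",)),
    Resource("Electric Power", 8, 1.0),
    Resource("Printer", 96, 0.5, ("5 Desktop Computers",)),
]


def topo_order(resources):
    """Dependencies before dependents; rejects unknown names and cycles."""
    names = {r.name for r in resources}
    for r in resources:
        for d in r.depends_on:
            if d not in names:
                raise ValueError(f"{r.name} depends on unknown resource {d}")
    done, order = set(), []
    while len(order) < len(resources):
        ready = [r for r in resources if r.name not in done
                 and all(d in done for d in r.depends_on)]
        if not ready:
            raise ValueError("dependency cycle")
        for r in ready:
            done.add(r.name)
            order.append(r)
    return order


def effective_deadlines(resources):
    """A dependency must be up early enough for its dependents to finish."""
    eff = {r.name: r.allowable_outage_h for r in resources}
    for r in reversed(topo_order(resources)):
        for d in r.depends_on:
            eff[d] = min(eff[d], eff[r.name] - r.restore_h)
    return eff


def evaluate(order, resources):
    """Timeline for one team restoring resources in the given order."""
    by_name = {r.name: r for r in resources}
    done, clock, schedule = set(), 0.0, []
    for name in order:
        if name not in by_name:
            raise ValueError(f"unknown resource {name}")
        r = by_name[name]
        blocked = [d for d in r.depends_on if d not in done]
        if blocked:
            raise ValueError(f"{name} scheduled before {blocked}")
        schedule.append(Slot(name, clock, clock + r.restore_h,
                             r.allowable_outage_h))
        clock += r.restore_h
        done.add(name)
    return schedule


def plan(resources):
    """Earliest-effective-deadline-first among resources whose deps are up."""
    eff = effective_deadlines(resources)
    done, order, pending = set(), [], list(resources)
    while pending:
        ready = [r for r in pending if all(d in done for d in r.depends_on)]
        nxt = min(ready, key=lambda r: (eff[r.name], r.name))
        order.append(nxt.name)
        done.add(nxt.name)
        pending.remove(nxt)
    return evaluate(order, resources)


def missed(schedule):
    """Resources restored later than their allowable outage time."""
    return [s.name for s in schedule if s.finish_h > s.allowable_outage_h]


if __name__ == "__main__":
    for s in plan(BIA):
        print(f"{s.start_h:5.1f}h-{s.finish_h:5.1f}h  {s.name}"
              f"  (allowed {s.allowable_outage_h}h)")
    print("missed:", missed(plan(BIA)))
```

With these assumed durations the planned order meets every allowable outage time, while restoring the e-mail server before the desktops pushes the desktops past their 8 hours.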
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
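An added example (not part of the original slides): the striping, parity and array-capacity points from the RAID slides above, shown as a small RAID-5 simulation. XOR is assumed as the parity function, the 4-byte stripe unit and the sample record are constructed, and all function names are hypothetical.

```python
from functools import reduce

STRIPE = 4  # bytes per stripe unit (constructed, tiny so the layout is easy to inspect)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data: bytes, n_disks: int):
    """Stripe data across n_disks with rotating (distributed) parity.

    Returns a list of disks; each disk is a list of STRIPE-sized blocks.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_row = (n_disks - 1) * STRIPE
    padded = data + b"\0" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * STRIPE: off + (i + 1) * STRIPE]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks  # parity moves each row
        data_iter = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_disk
                            else next(data_iter))
    return disks


def rebuild(disks, failed: int):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("more than one disk lost: single parity cannot recover")
    # XOR of all surviving blocks in a row yields the missing block,
    # whether that block held data or parity.
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length: int) -> bytes:
    """Reassemble the original byte stream, skipping the parity block per row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n - 1 - row) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as on the slides: smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    data = b"General ledger 2024: constructed sample record"  # constructed input
    disks = raid5_write(data, 4)
    lost = disks[2]
    disks[2] = None                    # simulate a single drive failure
    disks[2] = rebuild(disks, 2)       # rebuild onto a replacement drive
    return disks[2] == lost and raid5_read(disks, len(data)) == data


if __name__ == "__main__":
    print("single-disk rebuild ok:", demo())
    print("4 x 500 GB RAID-5 usable:", usable_capacity([500] * 4), "GB")
```

A second simultaneous failure raises `RuntimeError` in `rebuild`, which is the reason the slides give RAID-6 (dual parity) a higher fault-tolerance rating and a capacity of (no. of drives-2).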
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
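Added example (not part of the original slides): a toy in-memory RAID-5 array in Python showing how the parity described above is computed by XOR, rotated across the drives, and used to read and rebuild after one drive fails; array_capacity applies the capacity formulas from the RAID LEVELS slides. The class and function names, the left-rotating parity placement, the 16-byte block size and the sample payload are assumptions made for the illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity operation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


class Raid5:
    """Toy in-memory RAID-5 array (hypothetical class, for illustration only)."""

    def __init__(self, n_disks=4, block_size=16):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n = n_disks
        self.block_size = block_size
        self.stripes = 0
        self.disks = [[] for _ in range(n_disks)]  # disks[d][stripe] -> bytes

    def parity_disk(self, stripe):
        # Assumed layout: parity moves one disk to the left on every stripe,
        # so no single disk holds all the parity (unlike RAID-3/4).
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Append data in blocks, adding one parity block per stripe."""
        per_stripe = self.block_size * (self.n - 1)
        data += b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
        for off in range(0, len(data), per_stripe):
            chunks = [data[off + i * self.block_size:
                           off + (i + 1) * self.block_size]
                      for i in range(self.n - 1)]
            parity_at = self.parity_disk(self.stripes)
            pending = iter(chunks)
            for d in range(self.n):
                block = xor_blocks(chunks) if d == parity_at else next(pending)
                self.disks[d].append(block)
            self.stripes += 1

    def _block(self, d, stripe):
        if self.disks[d] is not None:
            return self.disks[d][stripe]
        # Degraded read: a missing block is the XOR of all surviving blocks
        # (data and parity) in the same stripe.
        survivors = [self.disks[o][stripe] for o in range(self.n) if o != d]
        return xor_blocks(survivors)

    def read(self, length):
        """Return the first `length` bytes, skipping parity blocks."""
        out = bytearray()
        for s in range(self.stripes):
            for d in range(self.n):
                if d != self.parity_disk(s):
                    out += self._block(d, s)
        return bytes(out[:length])

    def fail(self, d):
        """Simulate the loss of one drive; single parity tolerates only one."""
        if any(disk is None for disk in self.disks):
            raise RuntimeError("second disk failure: RAID-5 data is lost")
        self.disks[d] = None

    def rebuild(self, d):
        """Recompute every block of a replaced drive from the survivors."""
        self.disks[d] = [self._block(d, s) for s in range(self.stripes)]


def array_capacity(level, drive_sizes):
    """Usable capacity per the slides: smallest drive * (drives - redundancy)."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    if level == 0:
        return smallest * n      # striping only, no redundancy
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 as described uses exactly 2 hard disks")
        return smallest          # mirroring: 50% storage efficiency
    redundancy = {3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest * (n - redundancy)


def demo():
    data = bytes(range(200))     # constructed sample payload
    array = Raid5(n_disks=4, block_size=16)
    array.write(data)
    original = list(array.disks[2])
    array.fail(2)
    degraded_ok = array.read(len(data)) == data   # served from parity
    array.rebuild(2)
    return degraded_ok, array.disks[2] == original


if __name__ == "__main__":
    print(demo())
    print(array_capacity(5, [500, 500, 500, 500]))
```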
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 47
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                Allowable Outage Time
Authentication Server  User could not access Inventory System       8 hours
Database Server        User could not access Inventory System       8 hours
E-mail Server          User could not send e-mail                   2 days
5 Desktop Computers    User could not access Inventory System       8 hours
Hub                    User could not access Inventory System       8 hours
Network Cabling        User could not access Inventory System       8 hours
Electric Power         User could not access Inventory System       8 hours
Printer                User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Values as listed: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E) as listed: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats, which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
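The capacity formulas and the parity idea from the RAID-1 to RAID-6 slides above, as an added Python example that is not part of the original slides. The parity rotation order, the function names and the sample data are assumptions made for illustration; real controllers differ in layout.

```python
from functools import reduce

# Constructed sample data standing in for a file written to the array.
SAMPLE = b"constructed ledger row " * 6


def usable_capacity(level, drive_sizes):
    """Usable capacity per the slide formulas (same unit as drive_sizes)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 disks")
        return smallest                      # 50% efficiency if identical
    if level in (3, 4, 5):
        if n < 3:
            raise ValueError("RAID-3/4/5 need at least 3 disks")
        return smallest * (n - 1)            # one drive's worth of parity
    if level == 6:
        if n < 4:
            raise ValueError("RAID-6 needs at least 4 disks")
        return smallest * (n - 2)            # two drives' worth of parity
    raise ValueError("level not covered by this example")


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks (the parity operation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive(stripe, n_drives):
    # Assumed rotation: parity starts on the last drive and moves left.
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Block-level striping with distributed parity; returns one block list per drive."""
    per_stripe = (n_drives - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)   # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_drives - 1)]
        data_iter = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive(s, n_drives):
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_iter))
    return drives


def raid5_read(drives, length):
    """Reassemble the data blocks in order, skipping the parity block of each stripe."""
    n, out = len(drives), bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def raid5_rebuild(drives):
    """Rebuild the single missing drive (marked None) from the survivors."""
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one missing drive")
    survivors = [d for d in drives if d is not None]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


if __name__ == "__main__":
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", usable_capacity(6, [500] * 4), "GB usable")
    array = raid5_write(SAMPLE, n_drives=4, block_size=16)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    degraded[2] = raid5_rebuild(degraded)
    print("data intact after rebuilding drive 2:",
          raid5_read(degraded, len(SAMPLE)) == SAMPLE)
```

Losing a second drive before the rebuild finishes is the case single parity cannot handle, which is why `raid5_rebuild` refuses it and why the RAID-6 slide subtracts two drives from the capacity.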
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks required: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Scores as extracted (row layout lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organizations
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
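The parity technique and the RAID-5 capacity formula above, worked through as an added example (not part of the original slides): a small Python model of block-level striping with distributed XOR parity that rebuilds a failed drive from the survivors. The parity rotation order, the 4-byte stripe unit, the sample record and all function names are assumptions of this sketch.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives); 2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive(stripe, n_drives):
    """Drive holding the parity unit of a stripe (rotation order is an assumption)."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, unit):
    """Return one list of stripe units per drive, parity rotating across drives."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    per_stripe = (n_drives - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        units = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        data_units = iter(units)
        for d in range(n_drives):
            if d == parity_drive(stripe, n_drives):
                drives[d].append(xor_blocks(units))   # parity of this stripe
            else:
                drives[d].append(next(data_units))    # next data unit
    return drives


def rebuild_drive(drives, failed):
    """Recompute a failed drive: XOR of the surviving units in each stripe."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover two failed drives")
    return [xor_blocks(stripe_units) for stripe_units in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping the parity unit of each stripe."""
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(len(drives)):
            if d != parity_drive(stripe, len(drives)):
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"ledger 2024-Q1: constructed sample data"  # constructed input
    array = write_raid5(record, n_drives=4, unit=4)
    array[2] = None                              # simulate a drive failure
    array[2] = rebuild_drive(array, failed=2)    # rebuild from the survivors
    print(read_raid5(array, len(record)) == record)
    print(array_capacity([500, 500, 500, 500]), "GB usable of 2000 GB raw")
```

A second simultaneous failure is rejected rather than silently producing wrong data, which is the limit that dual parity (RAID-6) is meant to address.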
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource: Outage Impact; Allowable Outage Time
Authentication Server: User could not access Inventory System; 8 hours
Database Server: User could not access Inventory System; 8 hours
E-mail Server: User could not send e-mail; 2 days
5 Desktop Computers: User could not access Inventory System; 8 hours
Hub: User could not access Inventory System; 8 hours
Network Cabling: User could not access Inventory System; 8 hours
Electric Power: User could not access Inventory System; 8 hours
Printer: User could not produce Inventory Reports; 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D): A+B+C; Risk Ranking (E)
Values as extracted (row and column alignment lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E) values: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
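The parity slide and the array-capacity lines of the RAID level slides above, worked through in Python as an added example that is not part of the original deck: data is striped in blocks with one XOR parity block per row, one disk is lost and rebuilt from the survivors, and usable capacity is computed from the slides' formulas. The parity rotation, the function names and the sample bytes are assumptions made for this example.

```python
"""RAID parity and capacity sketch (added example; layout and names are assumptions)."""
from functools import reduce

# Minimum drive counts and redundant-drive counts as listed on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
REDUNDANT_DRIVES = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundant drives)."""
    if level not in MIN_DISKS:
        raise ValueError(f"RAID-{level} is not modelled here")
    n = len(drive_sizes)
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    smallest = min(drive_sizes)
    if level == 1:  # mirror: one drive's worth of space (50% efficiency)
        return smallest
    return smallest * (n - REDUNDANT_DRIVES[level])


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding the parity block of a stripe row (rotation chosen for this example)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks across n_disks, with one parity block per row."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    row_bytes = (n_disks - 1) * block_size
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        # The last row is zero-padded so every block has the same length.
        chunk = data[start:start + row_bytes].ljust(row_bytes, b"\0")
        blocks = [chunk[i:i + block_size] for i in range(0, row_bytes, block_size)]
        data_blocks = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk(row, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate the failed disk: each block is the XOR of the survivors' blocks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    out = bytearray()
    for row in range(len(disks[0])):
        skip = parity_disk(row, len(disks))
        for d, disk in enumerate(disks):
            if d != skip:
                out += disk[row]
    return bytes(out[:length])


def demo():
    """Write constructed data to 4 disks, lose disk 2, rebuild it, read back."""
    data = b"".join(b"ledger-entry-%04d;" % i for i in range(40))  # constructed sample
    disks = raid5_write(data, n_disks=4, block_size=16)
    disks[2] = None                                # simulated drive failure
    disks[2] = raid5_rebuild(disks, failed=2)
    return raid5_read(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuilt array matches original:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB:", usable_capacity(6, [500] * 4), "GB")
```

Setting two disks to `None` before calling `raid5_rebuild` raises an error, which is the single-parity limit that RAID-6 addresses with its second parity block.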
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 50
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
at an acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be based on
their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
that exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
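Added example (not part of the original slides): the parity technique and the RAID-5 layout described above, worked through in Python on the four-disk, 16 kiB stripe array with the four file sizes used in the illustrations. The function names, the parity rotation order and the file contents are assumptions made for this example.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe, n_disks):
    """Disk that holds parity for a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks=4, unit=STRIPE_UNIT):
    """Block-level striping with distributed parity.

    Returns one list of blocks per disk; index s in each list is stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk(stripe, n_disks):
                disks[d].append(xor_blocks(chunks))
            else:
                disks[d].append(next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of the survivors yields the missing block whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_raid5(disks, length, unit=STRIPE_UNIT):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(stripe, n):
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Write each sample file, lose one drive, rebuild it, read the file back."""
    results = {}
    files = (("red", 4), ("blue", 20), ("green", 100), ("magenta", 500))
    for index, (name, kib) in enumerate(files):
        # Constructed sample contents; only the sizes come from the slides.
        data = bytes((i * 7 + kib) % 256 for i in range(kib * 1024))
        disks = write_raid5(data)
        lost = index % len(disks)
        damaged = list(disks)
        damaged[lost] = None                      # simulate the failed drive
        damaged[lost] = rebuild_disk(damaged, lost)
        ok = damaged == disks and read_raid5(damaged, len(data)) == data
        results[name] = (len(disks[0]), ok)       # (stripes used, recovered?)
    return results


if __name__ == "__main__":
    for name, (stripes, ok) in demo().items():
        print(f"{name}: {stripes} stripe(s), recovered after one drive loss: {ok}")
    # Four identical 500 GB drives (constructed sizes): RAID-5 vs RAID-6
    print(usable_capacity([500] * 4), usable_capacity([500] * 4, parity_drives=2))
```

Single parity recovers exactly one lost drive per array; a second failure before the rebuild completes leaves two unknown blocks per stripe and only one parity equation.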
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 51
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
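The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: block-level striping with distributed parity on four disks with a 16 kiB stripe unit, a rebuild after one disk fails, and the array capacity formula from the RAID-5 and RAID-6 slides. XOR as the parity function, the parity rotation order, the function names and the sample payload are assumptions made for the illustration.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity (added example)."""

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe size, as in the slide illustrations

# Constructed sample payload standing in for the 100 kiB "green" file.
SAMPLE = bytes(i % 251 for i in range(100 * 1024))


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks together."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk_for(row, n_disks):
    """Rotate the parity block across disks (assumed order: last disk first)."""
    return (n_disks - 1 - row) % n_disks


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data over n_disks; each stripe row carries one parity block."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    disks = [[] for _ in range(n_disks)]
    row_bytes = (n_disks - 1) * unit
    for row, offset in enumerate(range(0, len(data), row_bytes)):
        # Pad the last row with zero bytes so every block has the same length.
        chunk = data[offset:offset + row_bytes].ljust(row_bytes, b"\0")
        units = [chunk[i:i + unit] for i in range(0, row_bytes, unit)]
        parity = xor_blocks(units)
        pending = iter(units)
        p_disk = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p_disk else next(pending))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p_disk = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            if d != p_disk:
                out += disks[d][row]
    return bytes(out[:length])


def rebuild(disks):
    """Rebuild a failed disk (marked None) from the survivors.

    XOR of all surviving blocks in a row yields the missing block, whether
    that block held data or parity. Two failed disks cannot be recovered
    with a single parity block per row.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


if __name__ == "__main__":
    array = write_raid5(SAMPLE)
    print("stripe rows per disk:", len(array[0]))
    damaged = list(array)
    damaged[1] = None  # simulate the loss of disk 1
    repaired = rebuild(damaged)
    print("data intact after rebuild:", read_raid5(repaired, len(SAMPLE)) == SAMPLE)
    print("RAID 5 usable capacity (GB):", usable_capacity([500, 500, 500, 400]))
    print("RAID 6 usable capacity (GB):", usable_capacity([500, 500, 500, 400], 2))
```

The rebuild reads every surviving disk in full, so the array has no redundancy left until it completes; a second failure in that window means restoring from backup.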
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 52
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
The idea of a DRP is to think ahead of actual
events:
How likely is the event
What can be done when it happens
What can be done to lessen its
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups to be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
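An added example, not part of the original slides, of the parity technique the RAID-3/4/5 slides describe: blocks are striped across the drives, each stripe's parity block is the XOR of its data blocks, and a single lost drive is rebuilt from the survivors. The function names, the parity rotation order and the sample data are assumptions made for illustration; `usable_capacity` uses the slides' capacity formula.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across drives (assumed rotation order)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks with distributed parity.

    Returns one list of blocks per disk; index s on every disk is stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = n_disks - 1                      # data blocks per stripe
    stripe_bytes = per_stripe * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(per_stripe)]
        parity = xor_blocks(chunks)               # redundancy from data values
        p = parity_disk_for(s, n_disks)
        data_iter = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_iter))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all surviving blocks in a stripe yields the missing block,
    whether that block held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover more than one disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk_for(s, n)
        for d in range(n):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    sample = bytes(range(200))                    # constructed sample data
    array = raid5_write(sample, n_disks=4, block_size=16)
    array[1] = None                               # simulate one drive failure
    array[1] = raid5_rebuild(array, failed=1)
    print("data intact after rebuild:", raid5_read(array, len(sample)) == sample)
    print("usable GB, 4 x 500 GB RAID-5:", usable_capacity([500] * 4))
    print("usable GB, 4 x 500 GB RAID-6:", usable_capacity([500] * 4, 2))
```

A second simultaneous failure raises `ValueError`, which is the single-parity limit behind the slides' "good" rather than "very good" fault tolerance rating for RAID-5.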
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because the cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
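The availability difference between RAID-01 and RAID-10 noted above can be checked by enumerating drive-failure combinations. This is an added example, not part of the original slides; the function names and the disk numbering (mirrored pairs 0-1, 2-3 for RAID-10; stripe sets made of the first and second half of the disks for RAID-0+1) are assumptions.

```python
from itertools import combinations


def _check(n_disks):
    if n_disks < 4 or n_disks % 2:
        raise ValueError("nested RAID needs an even number of disks, minimum 4")


def raid10_survives(failed, n_disks):
    """RAID-10: a stripe across mirrored pairs (0,1), (2,3), ...

    Data survives while every mirrored pair keeps at least one working disk.
    """
    _check(n_disks)
    pairs = [(d, d + 1) for d in range(0, n_disks, 2)]
    return all(not (a in failed and b in failed) for a, b in pairs)


def raid01_survives(failed, n_disks):
    """RAID-0+1: a mirror of two stripe sets (first half, second half).

    A stripe set is unusable as soon as one of its disks fails, so data
    survives only while one whole stripe set is still intact.
    """
    _check(n_disks)
    half = n_disks // 2
    stripe_sets = [set(range(half)), set(range(half, n_disks))]
    return any(not (members & failed) for members in stripe_sets)


def survivable(survives, n_disks, n_failures):
    """Return (surviving combinations, total combinations) for n_failures."""
    cases = [set(c) for c in combinations(range(n_disks), n_failures)]
    return sum(survives(c, n_disks) for c in cases), len(cases)


def compare(n_disks, max_failures=2):
    """Survivable failure combinations for both layouts, keyed by failure count."""
    return {
        k: {
            "RAID-10": survivable(raid10_survives, n_disks, k),
            "RAID-0+1": survivable(raid01_survives, n_disks, k),
        }
        for k in range(1, max_failures + 1)
    }


if __name__ == "__main__":
    for n_disks in (4, 6):
        for failures, result in compare(n_disks).items():
            print(f"{n_disks} disks, {failures} failed:", result)
```

Both layouts survive any single failure; with two failed disks out of four, RAID-10 survives 4 of the 6 combinations and RAID-0+1 only 2, and the gap widens as disks are added.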
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backups electronically at a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for an acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
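The parity and RAID-5 slides above, as an added example that is not part of the original deck: a small Python model that applies the slides' array-capacity formulas and shows how block-level striping with distributed parity lets one failed drive be rebuilt. It assumes byte-wise XOR as the parity function (the standard choice for single-parity RAID); the function names, the 16-byte block size and the sample data are constructed for illustration.

```python
# Added teaching example (not from the original slides): the slides' RAID
# capacity formulas plus a RAID-5 style rebuild using byte-wise XOR parity.
from functools import reduce

# Minimum drives and number of drives' worth of space given up to
# redundancy, taken from the RAID LEVELS slides.
LEVELS = {
    "RAID-0": (2, 0),  # striping without parity
    "RAID-3": (3, 1),  # byte-level striping, dedicated parity
    "RAID-4": (3, 1),  # block-level striping, dedicated parity
    "RAID-5": (3, 1),  # block-level striping, distributed parity
    "RAID-6": (4, 2),  # block-level striping, dual distributed parity
}


def usable_capacity(level, sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundancy)."""
    if level == "RAID-1":  # mirroring: exactly 2 disks, 50% efficiency
        if len(sizes) != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return min(sizes)
    minimum, redundancy = LEVELS[level]
    if len(sizes) < minimum:
        raise ValueError(f"{level} needs at least {minimum} hard disks")
    return min(sizes) * (len(sizes) - redundancy)


def xor_blocks(blocks):
    """Parity of equal-length blocks: XOR of the bytes at each offset."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Distributed parity: the parity block moves to a new drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block):
    """Stripe data over n_drives; each drive is a list of blocks, one per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs at least 3 hard disks")
    per_stripe = (n_drives - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        remaining = iter(data_blocks)
        for d in range(n_drives):
            if d == parity_drive(stripe, n_drives):
                drives[d].append(xor_blocks(data_blocks))
            else:
                drives[d].append(next(remaining))
    return drives


def rebuild(drives):
    """Replace a failed drive (marked None) using the surviving drives."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover two failed drives")
    if failed:
        survivors = [d for d in drives if d is not None]
        # XOR of all surviving blocks in a stripe equals the missing block,
        # whether that block held data or parity.
        drives[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return drives


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(len(drives)):
            if d != parity_drive(stripe, len(drives)):
                out += drives[d][stripe]
    return bytes(out[:length])


# Constructed sample data standing in for a financial transaction file.
SAMPLE = b"constructed sample: ledger batch 0001; " * 12


def demo():
    """Write SAMPLE to 4 drives, lose one, rebuild it, and verify the data."""
    drives = write_raid5(SAMPLE, n_drives=4, block=16)
    drives[1] = None  # simulate one failed drive
    rebuild(drives)
    return read_raid5(drives, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("RAID-5, 4 x 500 GB usable:", usable_capacity("RAID-5", [500] * 4), "GB")
    print("data intact after rebuild:", demo())
```

A second simultaneous failure raises an error in `rebuild`, which is the case RAID-6's dual parity exists to cover; neither level replaces the off-site backups the plan requires.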
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
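Added example, not part of the original slides: a Python sketch of the RAID-5 technique described above (block-level striping with distributed parity, parity being the XOR of the data blocks), including the rebuild of one failed disk and the array-capacity formulas from the RAID level slides. The parity rotation order, the function names and the sample data are assumptions made for illustration; real controllers use their own layouts.

```python
"""RAID 5 illustration: block-level striping with distributed (rotating) parity.

Added example; layout, names and sample data are illustrative assumptions.
"""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide captions


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Disk holding parity for a stripe (assumed rotation; controllers vary)."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * unit
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // stripe_bytes):
        chunk = padded[stripe_no * stripe_bytes:(stripe_no + 1) * stripe_bytes]
        units = [chunk[i:i + unit] for i in range(0, stripe_bytes, unit)]
        parity_at = parity_disk(stripe_no, n_disks)
        remaining = iter(units)
        for disk_no in range(n_disks):
            # one disk per stripe stores parity, the others store data units
            block = xor_blocks(units) if disk_no == parity_at else next(remaining)
            disks[disk_no].append(block)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [blocks for d, blocks in enumerate(disks) if d != failed]
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether that block held data or parity
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length, failed=None):
    """Read the data back, reconstructing first if one disk is missing."""
    disks = list(disks)
    if failed is not None:
        disks[failed] = rebuild_disk(disks, failed)
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_at = parity_disk(stripe_no, n_disks)
        for disk_no in range(n_disks):
            if disk_no != parity_at:
                out += disks[disk_no][stripe_no]
    return bytes(out[:length])  # drop the zero padding


def array_capacity(level, drive_sizes):
    """Usable capacity per the RAID level slides: smallest drive x data drives.

    RAID 0 and RAID 1 follow the slides' 100% / 50% efficiency for identical
    drives; RAID 3/4/5 use (n - 1) drives and RAID 6 uses (n - 2).
    """
    n, smallest = len(drive_sizes), min(drive_sizes)
    data_drives = {0: n, 1: 1, 3: n - 1, 4: n - 1, 5: n - 1, 6: n - 2}
    if level not in data_drives:
        raise ValueError("level not covered by the slides' formulas")
    return smallest * data_drives[level]


if __name__ == "__main__":
    sample = bytes(range(256)) * 400   # constructed 100 KiB test "file"
    array = write_raid5(sample, n_disks=4)
    array[2] = None                    # simulate the loss of one drive
    assert read_raid5(array, len(sample), failed=2) == sample
    print("recovered", len(sample), "bytes after losing disk 2")
    print("usable capacity, 4 x 500 GB RAID 5:", array_capacity(5, [500] * 4), "GB")
```

Losing a second disk before the rebuild completes leaves too few blocks per stripe to solve the XOR, which is why the slides list RAID 6 (dual parity) as tolerating more failures at higher cost.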
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 55
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if the asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                Allowable Outage Time
Authentication Server   User could not access Inventory System       8 hours
Database Server         User could not access Inventory System       8 hours
E-mail Server           User could not send e-mail                   2 days
5 Desktop Computers     User could not access Inventory System       8 hours
Hub                     User could not access Inventory System       8 hours
Network Cabling         User could not access Inventory System       8 hours
Electric Power          User could not access Inventory System       8 hours
Printer                 User could not produce Inventory Reports     4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)   Likelihood of Threat Occurrence (B)   Vulnerability (C)   Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site      Low           None                 None                Long         Fixed
Warm Site      Medium        Partial              Partial/Full        Medium       Fixed
Hot Site       Medium/High   Full                 Full                Short        Fixed
Mobile Site    High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site  High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented Practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
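Added example (not from the original slides): a small Python model of the parity and capacity rules listed in the RAID slides above. The capacity formulas and minimum drive counts are the ones on the slides; XOR as the parity function, the 4-byte block size and the parity rotation order are assumptions made for this illustration.

```python
from functools import reduce
from operator import xor

# From the RAID-LEVELS slides: level -> (minimum drives, drives lost to redundancy).
# RAID-1 is handled separately because the slide says "exactly 2 hard disks".
SLIDE_RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def usable_capacity(level, drive_sizes_gb):
    """Return (usable GB, storage efficiency) using the slides' formulas."""
    n, smallest = len(drive_sizes_gb), min(drive_sizes_gb)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slide uses exactly 2 disks")
        usable = smallest
    else:
        minimum, redundant = SLIDE_RULES[level]
        if n < minimum:
            raise ValueError(f"RAID-{level} needs at least {minimum} disks")
        usable = smallest * (n - redundant)   # size of smallest drive * (n - r)
    return usable, usable / sum(drive_sizes_gb)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (assumed parity function)."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size=4):
    """Block-level striping with distributed parity: one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    data = data + bytes(-len(data) % per_stripe)        # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        # Parity is computed from the data blocks, then slotted into its disk.
        blocks.insert(parity_disk_for(stripe, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of the failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe, blocks in enumerate(zip(*disks)):
        skip = parity_disk_for(stripe, n_disks)
        out += b"".join(b for i, b in enumerate(blocks) if i != skip)
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"ledger entry: constructed sample data"   # constructed input
    array = raid5_write(record, n_disks=4)
    for failed in range(4):
        damaged = list(array)
        damaged[failed] = None                           # simulate a dead drive
        damaged[failed] = raid5_rebuild(damaged, failed)
        print("disk", failed, "rebuilt:", raid5_read(damaged, len(record)) == record)
    for level, sizes in [(0, [500, 500]), (1, [500, 500]), (5, [500] * 4), (6, [500] * 4)]:
        print("RAID-%d" % level, usable_capacity(level, sizes))
```

Any one disk can be rebuilt because each stripe's blocks XOR to zero; losing two disks at once leaves two unknowns per stripe, which is the case RAID-6's second parity addresses.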
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Risk Ranking values shown: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
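Added example (not part of the original slides or of the Nasdaq interview): a small Python check for single points of failure, the property behind "Eliminating single points of failure" and behind the dual-path, dual-vendor connections described in the Nasdaq account. The three topologies and every node name in them are constructed for illustration.

```python
from collections import deque


def build_graph(links):
    """Turn a list of undirected links into an adjacency map."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph


def reachable(graph, start, goal, failed):
    """Breadth-first search from start to goal with one component failed."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        if node == goal:
            return True
        for nxt in graph.get(node, ()):
            if nxt != failed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False


def single_points_of_failure(links, client, service):
    """Components whose failure alone cuts the client off from the service."""
    graph = build_graph(links)
    components = sorted(n for n in graph if n not in (client, service))
    return [c for c in components if not reachable(graph, client, service, c)]


# Constructed topology 1: one cable run and one hub in front of the server.
SINGLE_PATH = [
    ("desktop", "network-cabling"),
    ("network-cabling", "hub"),
    ("hub", "database-server"),
]

# Constructed topology 2: two connection centers, but both behind one carrier.
SHARED_CARRIER = [
    ("trader", "carrier-a"),
    ("carrier-a", "center-1"),
    ("carrier-a", "center-2"),
    ("center-1", "market-system"),
    ("center-2", "market-system"),
]

# Constructed topology 3: two centers reached over two different carriers.
DUAL_VENDOR = [
    ("trader", "carrier-a"),
    ("trader", "carrier-b"),
    ("carrier-a", "center-1"),
    ("carrier-b", "center-2"),
    ("center-1", "market-system"),
    ("center-2", "market-system"),
]

if __name__ == "__main__":
    print(single_points_of_failure(SINGLE_PATH, "desktop", "database-server"))
    print(single_points_of_failure(SHARED_CARRIER, "trader", "market-system"))
    print(single_points_of_failure(DUAL_VENDOR, "trader", "market-system"))
```

The second topology shows why a second connection center is not enough on its own: the shared carrier still fails both paths at once.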
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
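The parity technique and the array-capacity rules from the RAID slides above, worked through as an added Python example that is not part of the original deck. The rotating parity placement, the function names and the sample payload are assumptions made for illustration.

```python
"""Added illustration: RAID capacity rules and RAID-5 parity rebuild (not from the deck)."""
from functools import reduce

# Minimum drive counts as stated on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes.

    RAID-0: all drives (100% efficiency), RAID-1: one drive of the pair (50%),
    RAID-3/4/5: smallest drive * (n - 1), RAID-6: smallest drive * (n - 2).
    """
    if level not in MIN_DRIVES:
        raise ValueError(f"RAID-{level} is not covered by this example")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    if level == 0:
        return smallest * n
    if level == 1:
        return smallest
    return smallest * (n - 2 if level == 6 else n - 1)


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity moves one drive to the left on each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block_size):
    """Stripe data in blocks over n_drives with distributed parity.

    Returns a list of drives; each drive is a list of blocks, one per stripe.
    """
    stripe_bytes = (n_drives - 1) * block_size
    data += bytes(-len(data) % stripe_bytes)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(data) // stripe_bytes):
        chunk = data[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(stripe, n_drives)
            drives[d].append(parity if is_parity else next(data_blocks))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    XOR of the survivors yields the missing block whether it held data or parity.
    """
    survivors = [drive for i, drive in enumerate(drives) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_drive_for(stripe, n_drives):
                out += drives[d][stripe]
    return bytes(out[:length])


def demo():
    """Fail each drive of a four-disk array in turn and rebuild it."""
    payload = b"constructed sample: ledger entries 0001-0042"  # constructed input
    drives = write_raid5(payload, n_drives=4, block_size=8)
    results = []
    for failed in range(4):
        rebuilt = rebuild_drive(drives, failed)
        repaired = drives[:failed] + [rebuilt] + drives[failed + 1:]
        results.append(read_raid5(repaired, len(payload)) == payload)
    return results


if __name__ == "__main__":
    print("RAID-5 usable GB, 4 drives (500, 500, 500, 400):",
          usable_capacity(5, [500, 500, 500, 400]))
    print("rebuild succeeded for each single-drive failure:", demo())
```

Single parity covers one failed drive per array; a second failure before the rebuild finishes loses data, which is the case RAID-6's dual parity addresses.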
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could
take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.   Change Comment   Date of Change   Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
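Added example, not part of the original slides: a small Python model of the block-level striping with distributed parity described for RAID-5, showing how XOR parity lets any one failed disk be rebuilt, together with the array-capacity rules stated on the RAID level slides. The function names, the parity rotation order, the 16-byte stripe and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_disks, stripe):
    """Stripe data over n_disks, placing one rotating parity block per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * stripe              # data bytes held by one row
    padded = data + b"\0" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks   # assumed rotation order
        remaining = iter(chunks)
        for d in range(n_disks):
            block = xor_blocks(chunks) if d == parity_disk else next(remaining)
            disks[d].append(block)
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    The XOR of all blocks in a row is zero, so the missing block (data or
    parity) is the XOR of the blocks that are still readable.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n - 1 - row) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive times the data drives."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    minimum = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}[level]
    if n < minimum or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == "0":
        return smallest * n          # no redundancy, 100% if drives identical
    if level == "1":
        return smallest              # mirroring, 50% storage efficiency
    if level == "6":
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    sample = bytes(range(100))                    # constructed sample data
    array = raid5_write(sample, n_disks=4, stripe=16)
    lost = 2                                      # simulate failure of disk 2
    degraded = [b if i != lost else None for i, b in enumerate(array)]
    degraded[lost] = raid5_rebuild(array, lost)
    print("data intact after rebuild:", raid5_read(degraded, 100) == sample)
    for lvl in ("0", "5", "6"):
        print(f"RAID-{lvl}, 4 x 500 GB:", usable_capacity(lvl, [500] * 4), "GB")
```

A second simultaneous disk failure leaves two unknown blocks per row and a single XOR equation, which is why the slides rate RAID-5 fault tolerance as good and RAID-6, with dual parity, as very good.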
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 58
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
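The RAID-5 slides above name the technique (block-level striping with distributed parity) and the capacity formula but do not show the mechanics. The sketch below is an added example, not part of the original slides: it stripes a constructed sample record across four simulated disks, rebuilds a failed disk from the survivors, and applies the slide's capacity formula. XOR as the parity function, the parity rotation order and all function names are assumptions made for the illustration.

```python
"""RAID-5 in miniature: block-level striping with distributed XOR parity."""
from functools import reduce

# Constructed sample data (128 bytes); not taken from the slides.
SAMPLE = b"constructed ledger record 0001; " * 4


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, block_size):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        remaining = iter(data_blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            # One disk per stripe holds parity; the others hold data.
            disks[d].append(xor_blocks(data_blocks) if d == p
                            else next(remaining))
    return disks


def rebuild(disks):
    """Recreate a failed disk (marked None) from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates one failed disk, not %d"
                           % len(failed))
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    # Data XOR parity is zero per stripe, so the XOR of all surviving
    # blocks in a stripe equals the missing block, data or parity alike.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    array = write_array(SAMPLE, n_disks=4, block_size=16)
    array[2] = None                       # simulate a failed drive
    array = rebuild(array)
    print(read_array(array, len(SAMPLE)) == SAMPLE)
    print(usable_capacity([500, 500, 250, 500]), "GB usable")
```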
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 59
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
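The parity technique and the array-capacity formulas from the RAID slides above, worked through in Python as an added example (not part of the original slides). Function names, the 4-byte block size, the parity rotation order and the sample record are assumptions for illustration; applying the smallest-drive rule to RAID-0 and RAID-1 with unequal drives is an assumption as well.

```python
"""Added example: XOR parity (RAID-5 style) and usable capacity per RAID level."""
from functools import reduce

BLOCK = 4  # bytes per block; tiny on purpose so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe (rotating; one possible layout)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks):
    """Block-level striping with distributed parity.

    Returns a list of disks, each a list of BLOCK-sized byte blocks.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        remaining = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk(stripe, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the survivors.

    A failed disk is represented as None. XOR of all surviving blocks in a
    stripe yields the missing block, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


# level -> (minimum drives, number of drives' worth of usable space)
CAPACITY_RULES = {
    "0": (2, lambda n: n),      # striping, no redundancy
    "1": (2, lambda n: 1),      # mirroring, 50% efficiency on a pair
    "3": (3, lambda n: n - 1),  # byte-level striping, dedicated parity
    "4": (3, lambda n: n - 1),  # block-level striping, dedicated parity
    "5": (3, lambda n: n - 1),  # distributed parity
    "6": (4, lambda n: n - 2),  # dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * usable drive count."""
    minimum, usable = CAPACITY_RULES[level]
    n = len(drive_sizes)
    if n < minimum or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    return min(drive_sizes) * usable(n)


if __name__ == "__main__":
    record = b"constructed sample: ledger batch 0042"
    array = raid5_write(record, 4)
    lost = array[2]
    array[2] = None                     # simulate a failed drive
    array[2] = raid5_rebuild(array, 2)  # rebuild onto a replacement
    print(array[2] == lost, raid5_read(array, len(record)))
    print(usable_capacity("5", [500, 500, 500, 400]))
```

A second failed drive in the same array raises an error in `raid5_rebuild`, which is the practical meaning of the single-drive fault tolerance listed for RAID-5 and the reason RAID-6 gives up a second drive's worth of capacity.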
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 60
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: byte-level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array capacity: size of smallest drive * (no. of drives - 1)
Fault tolerance: good
Cost: Moderate
Recommended uses: applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: block-level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array capacity: size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: block-level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array capacity: size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
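The parity and RAID-5 slides above, as an added example that is not part of the original slides: an in-memory model of block-level striping with distributed parity that rebuilds a failed disk from the survivors and applies the slides' capacity rule. It uses XOR as the parity function (the usual choice; the slides do not name one); the left-rotating parity placement and all function names are assumptions of this sketch.

```python
"""Block-level striping with distributed XOR parity (RAID-5 style), in memory.

Added illustration: the layout (parity moves one disk to the left on each
stripe) and every function name are assumptions, not a controller's format.
"""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide rule: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk that holds the parity block of a given stripe (rotates left)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe `data` over n_disks; return one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    # Pad with zero bytes so that the last stripe is complete.
    data = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    Within a stripe the XOR of all blocks (data + parity) is zero, so any one
    missing block equals the XOR of the rest, whether it held data or parity.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Lose one of four disks, rebuild it, and check nothing was lost."""
    payload = b"General ledger batch 0042: constructed sample data " * 5
    disks = write_raid5(payload, n_disks=4, block_size=16)
    original = disks[2]
    disks[2] = None                          # simulate the loss of one drive
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original and read_raid5(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("4 x 500 GB, RAID-5 usable:", array_capacity([500] * 4), "GB")
    print("4 x 500 GB, RAID-6 usable:", array_capacity([500] * 4, 2), "GB")
```

A second simultaneous disk failure leaves two unknown blocks per stripe and a single parity block cannot recover both, which is why the RAID-6 slide subtracts two drives from the capacity.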
RAID LEVELS
RAID-6
Technique used: block-level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array capacity: size of smallest drive * (no. of drives - 2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular because
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array capacity: depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: not popular because cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: mirroring & striping without parity
Most popular of the multiple RAID levels
Minimum 4 hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
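Why the nested-RAID slide rates availability "very good" for RAID-01 but "excellent" for RAID-10, as an added example that is not part of the original slides: it enumerates every combination of failed disks under both layouts. The disk numbering, the grouping constants and the function names are assumptions.

```python
"""Which disk failures does a nested RAID array survive? (added illustration)"""
from itertools import combinations


def raid10_survives(failed, mirror_pairs):
    """RAID 10 (stripe over mirrored pairs): data survives as long as every
    mirrored pair still has at least one working member."""
    return all(not set(pair) <= failed for pair in mirror_pairs)


def raid01_survives(failed, stripe_sets):
    """RAID 0+1 (mirror of striped sets): one failed disk takes its whole
    striped set offline, so data survives only while one set is untouched."""
    return any(not (set(stripe) & failed) for stripe in stripe_sets)


def failure_survival(n_failed, raid01_sets, raid10_pairs):
    """Return (combo, raid01_ok, raid10_ok) for every set of n_failed disks."""
    disks = sorted(d for group in raid10_pairs for d in group)
    return [
        (combo,
         raid01_survives(set(combo), raid01_sets),
         raid10_survives(set(combo), raid10_pairs))
        for combo in combinations(disks, n_failed)
    ]


def survival_counts(n_failed, raid01_sets, raid10_pairs):
    """(cases RAID 0+1 survives, cases RAID 10 survives, total cases)."""
    rows = failure_survival(n_failed, raid01_sets, raid10_pairs)
    return (sum(r[1] for r in rows), sum(r[2] for r in rows), len(rows))


# Four disks numbered 0-3 (constructed layout).
RAID01_SETS = [(0, 1), (2, 3)]    # two striped sets, mirrored to each other
RAID10_PAIRS = [(0, 1), (2, 3)]   # two mirrored pairs, striped together

if __name__ == "__main__":
    for n in (1, 2):
        ok01, ok10, total = survival_counts(n, RAID01_SETS, RAID10_PAIRS)
        print(f"{n} failed disk(s): RAID 0+1 survives {ok01}/{total}, "
              f"RAID 10 survives {ok10}/{total}")
    for combo, ok01, ok10 in failure_survival(2, RAID01_SETS, RAID10_PAIRS):
        print(combo, "RAID 0+1:", "up" if ok01 else "DOWN",
              "| RAID 10:", "up" if ok10 else "DOWN")
```

Both layouts ride out any single failure; the difference appears on the second failure, where the mirror-of-stripes layout has already lost half the array to the first one.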
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
[Table values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1]
[Risk rankings: High, Moderate, Very High, Low, Very Low]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
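Added example (not part of the original slides): a small Python model of the parity technique and the array-capacity figures listed for the RAID levels above. It stripes a constructed byte string across disks with rotating parity in the RAID-5 manner, rebuilds one lost disk from the survivors by XOR, and computes usable capacity per level. The 4-byte chunk size, the parity rotation order and all function names are assumptions made for the illustration.

```python
from functools import reduce

STRIPE = 4  # bytes per chunk (assumption; tiny so each row is easy to inspect)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte strings column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding parity for a row; rotates so parity is distributed (assumed order)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, chunk=STRIPE):
    """Block-level striping with distributed parity. Returns one chunk list per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_row = (n_disks - 1) * chunk
    padded = data + b"\x00" * (-len(data) % per_row)  # pad the last row with zeros
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk(row, n_disks) else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data chunks in order, skipping the parity chunk of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recreate the failed disk: each lost chunk is the XOR of the other chunks in its row."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * number of data drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {  # level: (minimum disks, drives' worth of usable space)
        0: (2, n),          # striping without parity, no redundancy
        1: (2, 1),          # mirroring, exactly 2 disks, 50% efficiency
        3: (3, n - 1),      # dedicated parity
        4: (3, n - 1),      # dedicated parity
        5: (3, n - 1),      # distributed parity
        6: (4, n - 2),      # dual distributed parity
    }
    if level not in rules:
        raise ValueError("level not modelled here")
    minimum, data_drives = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for this RAID level")
    return smallest * data_drives


if __name__ == "__main__":
    record = b"constructed sample: inventory ledger rows 1-3"  # constructed input
    array = raid5_write(record, 4)
    damaged = array[:2] + [None] + array[3:]           # disk 2 is lost
    damaged[2] = raid5_rebuild(damaged, 2)             # rebuild from survivors
    print(raid5_read(damaged, len(record)))
    print(usable_capacity(5, [500, 500, 500, 400]), "GB usable on RAID-5")
```

A second simultaneous failure raises an error in raid5_rebuild, which is the limit that RAID-6's dual parity addresses.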
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 62
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
Logical
•
•
•
•
Data
Information
Software
Documentation
•
•
•
•
•
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
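Added example (not part of the original slides): the PARITY slide and the "Array Capacity" rules on the RAID level slides, worked through in Python. It computes usable capacity per level and shows a RAID-5 style array rebuilding one lost drive from XOR parity. The function names, the parity rotation order, the RAID-0 capacity rule (smallest drive times number of drives) and the sample payload are assumptions made for this illustration.

```python
from functools import reduce

# Minimum drive counts and parity overhead, as stated on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
PARITY_DRIVES = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes."""
    if level not in MIN_DRIVES:
        raise ValueError(f"RAID-{level} is not covered by this example")
    n = len(drive_sizes)
    if n < MIN_DRIVES[level]:
        raise ValueError(f"RAID-{level} needs at least {MIN_DRIVES[level]} drives")
    smallest = min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("the slides describe RAID-1 as exactly 2 disks")
        return smallest  # mirroring: 50% storage efficiency
    # Size of smallest drive * (no. of drives - parity drives)
    return smallest * (n - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR of the actual data values."""
    blocks = list(blocks)
    if not blocks or len({len(b) for b in blocks}) != 1:
        raise ValueError("need one or more equal-length blocks")
    return bytes(reduce(lambda x, y: x ^ y, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def build_raid5(data, n_drives, block_size):
    """Block-level striping with distributed parity. Returns one block list per drive."""
    if n_drives < MIN_DRIVES[5]:
        raise ValueError("RAID-5 needs at least 3 drives")
    per_stripe = (n_drives - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        remaining = iter(data_blocks)
        for d in range(n_drives):
            if d == parity_drive_for(stripe, n_drives):
                drives[d].append(xor_blocks(data_blocks))
            else:
                drives[d].append(next(remaining))
    return drives


def rebuild(drives):
    """Rebuild the single lost drive (marked None) from the surviving drives."""
    lost = [i for i, d in enumerate(drives) if d is None]
    if not lost:
        return list(drives)
    if len(lost) > 1:
        raise ValueError(f"single parity cannot rebuild {len(lost)} lost drives")
    survivors = [d for d in drives if d is not None]
    repaired = list(drives)
    # XOR of every surviving block in a stripe equals the missing block.
    repaired[lost[0]] = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return repaired


def read_data(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(stripe, n):
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed ledger records for the DRP example " * 5  # constructed sample
    array = build_raid5(payload, n_drives=4, block_size=16)
    array[2] = None  # simulate one failed disk
    print("recovered intact:", read_data(rebuild(array), len(payload)) == payload)
    for level, sizes in [(0, [500] * 4), (1, [500, 500]), (5, [500, 500, 500, 400]), (6, [500] * 4)]:
        print(f"RAID-{level} with drives {sizes}: usable {usable_capacity(level, sizes)}")
```

Marking a second drive as `None` makes `rebuild` raise, which is the single-parity limit that dual parity in RAID-6 is meant to address.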
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
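Added example (not part of the original slides): a consistency check an IS auditor could run between the "Outage Impact & Allowable Outage Times" table and the recovery priority table above. The function names, the alias treating "1 Hub" as the BIA's "Hub" row, and the rule that a shorter allowable outage must never carry a lower recovery priority are assumptions made for this example.

```python
"""Cross-check BIA allowable outage times against DRP recovery priorities."""
import re

# Rows of the "Outage Impact & Allowable Outage Times" slide.
ALLOWABLE_OUTAGE = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# Rows of the "Develop Recovery Priorities" slide.
RECOVERY_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "1 Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low",
    "Remaining Hub (5)": "Low",
}

# Assumption for this example: the plan's "1 Hub" row is the BIA's "Hub" row.
ALIASES = {"1 Hub": "Hub"}

RANK = {"Low": 1, "Medium": 2, "High": 3}
UNIT_HOURS = {"hour": 1, "day": 24, "week": 168}


def parse_hours(text):
    """Convert '8 hours', '2 days' or '1 week' to hours; reject anything else."""
    match = re.fullmatch(r"\s*(\d+(?:\.\d+)?)\s*(hour|day|week)s?\s*", text.lower())
    if match is None:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return float(match.group(1)) * UNIT_HOURS[match.group(2)]


def audit(allowable, priority, aliases=None):
    """Return the gaps between a BIA table and a recovery priority table."""
    aliases = aliases or {}
    hours = {name: parse_hours(value) for name, value in allowable.items()}
    ranked, no_bia_entry = {}, []
    for name, level in priority.items():
        if level not in RANK:
            raise ValueError(f"unknown priority {level!r} for {name!r}")
        key = aliases.get(name, name)
        if key in hours:
            ranked[key] = RANK[level]
        else:
            # Prioritised in the plan but never assessed in the BIA.
            no_bia_entry.append(name)
    # Assumed rule: a resource that tolerates less downtime must never be
    # recovered at a lower priority than one that tolerates more.
    inversions = sorted(
        (urgent, relaxed)
        for urgent in ranked
        for relaxed in ranked
        if hours[urgent] < hours[relaxed] and ranked[urgent] < ranked[relaxed]
    )
    return {
        # Assessed in the BIA but absent from the recovery priorities.
        "missing_priority": sorted(set(hours) - set(ranked)),
        "no_bia_entry": sorted(no_bia_entry),
        "inversions": inversions,
    }


if __name__ == "__main__":
    findings = audit(ALLOWABLE_OUTAGE, RECOVERY_PRIORITY, ALIASES)
    for name in findings["missing_priority"]:
        print(f"BIA resource has no recovery priority: {name}")
    for name in findings["no_bia_entry"]:
        print(f"prioritised resource has no BIA row: {name}")
    for urgent, relaxed in findings["inversions"]:
        print(f"{urgent} tolerates less downtime than {relaxed} but ranks lower")
```

Run against the two tables as given on the slides, the check reports that Network Cabling and Electric Power carry an 8 hour allowable outage but have no recovery priority assigned.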
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
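The striping, parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: a Python model of block striping with distributed XOR parity that rebuilds one failed drive, plus the array capacity formulas from the RAID level slides. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""RAID-5 style block striping with distributed XOR parity (toy model)."""
from functools import reduce

# Constructed sample data standing in for business records; not from the deck.
SAMPLE = b"ledger-entry-0001;ledger-entry-0002;ledger-entry-0003"

# Minimum drive counts as stated on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    if level not in MIN_DRIVES:
        raise ValueError("level not covered by this model")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for this RAID level")
    if level == 0:
        return smallest * n          # striping only, no redundancy
    if level == 1:
        return smallest              # mirror: 50% storage efficiency
    return smallest * (n - (2 if level == 6 else 1))


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_write(data, n_drives, block_size):
    """Stripe data over n_drives; each stripe holds n-1 data blocks + 1 parity."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs at least 3 drives")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        parity_drive = (n_drives - 1 - s) % n_drives   # rotate parity per stripe
        data_iter = iter(blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == parity_drive else next(data_iter))
    return drives


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n, out = len(drives), bytearray()
    for s in range(len(drives[0])):
        parity_drive = (n - 1 - s) % n
        for d in range(n):
            if d != parity_drive:
                out += drives[d][s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute a failed drive: each block is the XOR of the survivors' blocks."""
    survivors = [d for i, d in enumerate(drives) if i != failed and d is not None]
    if len(survivors) != len(drives) - 1:
        raise ValueError("single parity tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def simulate_failure(failed, n_drives=4, block_size=4):
    """Lose one drive, rebuild it, and confirm the data reads back intact."""
    drives = raid5_write(SAMPLE, n_drives, block_size)
    original = drives[failed]
    drives[failed] = None                              # the drive is gone
    drives[failed] = rebuild_drive(drives, failed)
    return drives[failed] == original and raid5_read(drives, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    for level, sizes in [(0, [500] * 4), (1, [500, 500]), (5, [500] * 4), (6, [500] * 4)]:
        print(f"RAID-{level} with {len(sizes)} x 500 GB drives:", usable_capacity(level, sizes), "GB")
    print("rebuild after losing drive 2 succeeded:", simulate_failure(2))
```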
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 64
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed
between the drives on a four-disk, byte-striped RAID 3 array. The red
file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that the files are evenly spread between
three drives, with the fourth containing parity information (shown in
dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 4 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the
files are evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other
business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
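The PARITY and RAID-5 slides above, worked as an added example that is not part of the original deck: it applies the "Array Capacity" rules from the RAID level slides and rebuilds one failed drive of a striped, distributed-parity array from the survivors. XOR as the parity function is standard for single-parity RAID but is not stated on the slides; the function names, the 4-byte block size, the parity rotation order and the sample data are constructed for illustration.

```python
from functools import reduce
from operator import xor

# Usable capacity per level, following the "Array Capacity" and "Storage
# efficiency" lines on the slides (n = drives, s = size of smallest drive).
# Sizing RAID-0 by the smallest drive is an assumption for unequal drives.
CAPACITY = {
    "RAID-0": lambda n, s: n * s,        # striping only, 100% efficiency
    "RAID-1": lambda n, s: s,            # mirrored pair, 50% efficiency
    "RAID-3": lambda n, s: s * (n - 1),  # one drive's worth of parity
    "RAID-4": lambda n, s: s * (n - 1),
    "RAID-5": lambda n, s: s * (n - 1),
    "RAID-6": lambda n, s: s * (n - 2),  # dual parity
}
MIN_DRIVES = {"RAID-0": 2, "RAID-1": 2, "RAID-3": 3,
              "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}


def usable_capacity(level, drive_sizes):
    """Usable size of an array, in the same unit as drive_sizes."""
    n = len(drive_sizes)
    if n < MIN_DRIVES[level] or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} drive(s)")
    return CAPACITY[level](n, min(drive_sizes))


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive holding the parity block of a stripe. Moving it from stripe to
    stripe is what makes RAID-5 parity 'distributed'; this rotation order
    is an assumption, real controllers differ."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data over n_drives; returns one list of blocks per drive."""
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\0" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * block_size:start + (i + 1) * block_size]
                  for i in range(n_drives - 1)]
        data_blocks = iter(chunks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return drives


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) from the survivors."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) != 1:
        raise ValueError(f"single parity cannot rebuild {len(failed)} failed drives")
    survivors = [d for d in drives if d is not None]
    # Data XOR parity of a stripe is all zeroes, so the missing block is
    # the XOR of the blocks that are left.
    return failed[0], [xor_blocks(blocks) for blocks in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, len(drives))
        for d, drive in enumerate(drives):
            if d != p:
                out += drive[stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample: inventory ledger rows 0001-0042"
    array = raid5_write(sample, n_drives=4, block_size=4)
    lost = array[2]
    degraded = array[:2] + [None] + array[3:]   # drive 2 has failed
    index, rebuilt = raid5_rebuild(degraded)
    print("drive", index, "rebuilt correctly:", rebuilt == lost)
    print("data intact:", raid5_read(array, len(sample)) == sample)
    print("4 x 500 GB as RAID-5:", usable_capacity("RAID-5", [500] * 4), "GB")
    print("4 x 500 GB as RAID-6:", usable_capacity("RAID-6", [500] * 4), "GB")
```

A second simultaneous failure makes `raid5_rebuild` raise, which is the case RAID-6's dual parity is meant to cover; neither level replaces the off-site backups the plan calls for.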
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record, not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
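The RAID-5 slides above describe block-level striping with distributed parity and give the capacity formula. The sketch below is an added example, not part of the original deck: it stripes a constructed byte string across four disks, rotates XOR parity from stripe to stripe, and rebuilds one lost disk from the survivors. The parity rotation order, the function names and the sample data are assumptions made for the illustration.

```python
from functools import reduce

# Constructed sample payload (not from the slides): 256 bytes of test data.
SAMPLE = bytes(range(256))


def array_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe (assumed rotation: last disk first)."""
    return (n_disks - 1 - stripe) % n_disks


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def stripe_raid5(data, n_disks, block_size):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_disks - 1)]
        p = parity_disk(s, n_disks)
        remaining = iter(blocks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(remaining))
    return disks


def rebuild_disk(disks):
    """Rebuild the single disk marked None by XOR-ing the survivors per stripe."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks([d[s] for d in survivors])
               for s in range(len(survivors[0]))]
    return failed[0], rebuilt


def read_data(disks, length):
    """Reassemble the original byte string, skipping the parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    array = stripe_raid5(SAMPLE, n_disks=4, block_size=16)
    damaged = list(array)
    damaged[2] = None                      # simulate losing disk 2
    index, blocks = rebuild_disk(damaged)
    damaged[index] = blocks
    print("data intact after rebuild:", read_data(damaged, len(SAMPLE)) == SAMPLE)
    print("usable capacity (GB):", array_capacity([500, 500, 500, 400]))
```

Marking a second disk as `None` makes `rebuild_disk` raise, which is the single-failure limit behind the "Fault tolerance good" rating on the RAID-5 slide.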
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hubs (5)                Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB.
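
Added example (not part of the original slides): a small Python model of the RAID-5 technique listed above, block-level striping with distributed parity on a four-disk array with 16 KiB stripe units, using byte-wise XOR as the parity function to rebuild one failed disk. The function names, the parity rotation order and the sample payload are assumptions made for this illustration; the capacity helper follows the slides' "size of smallest drive*(no. of drives-1)" formula.

```python
"""Model of block-level striping with distributed XOR parity (RAID-5 style)."""

STRIPE_UNIT = 16 * 1024   # 16 KiB chunk per disk, as in the slide's illustration
N_DISKS = 4               # four-disk array, as in the slide's illustration


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks (the parity function)."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(stripe_no, n_disks=N_DISKS):
    """Disk that holds parity for a stripe; rotating it is what makes the
    parity 'distributed' (assumed rotation order, real layouts vary)."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Stripe data over the disks; each disk is a list of chunks, one per stripe."""
    per_stripe = unit * (n_disks - 1)
    data = data + bytes(-len(data) % per_stripe)      # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(data) // per_stripe):
        base = stripe_no * per_stripe
        chunks = [data[base + i * unit: base + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_chunks = iter(chunks)
        for disk_no in range(n_disks):
            is_parity = disk_no == parity_disk(stripe_no, n_disks)
            disks[disk_no].append(parity if is_parity else next(data_chunks))
    return disks


def rebuild(disks):
    """Return the array with a failed disk (marked None) recomputed from the
    survivors. Single parity cannot cover two simultaneous failures."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise ValueError("single parity can rebuild only one failed disk")
    if not failed:
        return list(disks)
    survivors = [disk for disk in disks if disk is not None]
    repaired = list(disks)
    repaired[failed[0]] = [xor_blocks([disk[s] for disk in survivors])
                           for s in range(len(survivors[0]))]
    return repaired


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity chunk."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        skip = parity_disk(stripe_no, len(disks))
        for disk_no, disk in enumerate(disks):
            if disk_no != skip:
                out += disk[stripe_no]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def sample_data():
    """Constructed test payload: 124 KiB (4 + 20 + 100 KiB 'files' back to back)."""
    return bytes((i * 31 + 7) % 256 for i in range(124 * 1024))


if __name__ == "__main__":
    payload = sample_data()
    array = write_array(payload)
    for lost in range(N_DISKS):
        damaged = list(array)
        damaged[lost] = None                      # simulate one failed drive
        ok = read_array(rebuild(damaged), len(payload)) == payload
        print(f"disk {lost} lost -> rebuilt correctly: {ok}")
    print("usable GB, 4 x 500 GB, RAID-5:", usable_capacity([500] * 4))
    print("usable GB, 4 x 500 GB, RAID-6:", usable_capacity([500] * 4, 2))
```
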
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource               Outage Impact                             Allowable Outage Time
Authentication Server  User could not access Inventory System    8 hours
Database Server        User could not access Inventory System    8 hours
E-mail Server          User could not send e-mail                2 days
5 Desktop Computers    User could not access Inventory System    8 hours
Hub                    User could not access Inventory System    8 hours
Network Cabling        User could not access Inventory System    8 hours
Electric Power         User could not access Inventory System    8 hours
Printer                User could not produce Inventory Reports  4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)   Likelihood of Threat Occurrence (B)   Vulnerability (C)   Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business
has
concentrated
people
or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
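The parity slide and the RAID-5 slides above, carried through as an added Python example (not part of the original deck): a file is striped in 16 kiB units across four simulated disks with distributed XOR parity, one disk is lost, and its contents are recomputed from the survivors. The in-memory "disks", the parity rotation order and the zero padding of the last stripe row are assumptions made for the illustration.

```python
"""RAID-5 style block striping with rotating XOR parity, simulated in memory."""
from functools import reduce

STRIPE = 16 * 1024  # 16 kiB stripe unit, as in the slide illustrations
DISKS = 4           # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, disks=DISKS):
    """Disk holding parity for a stripe row (rotation order is an assumption)."""
    return (disks - 1 - row) % disks


def write_array(data, disks=DISKS, stripe=STRIPE):
    """Stripe data over the disks; returns one list of stripe units per disk."""
    per_row = stripe * (disks - 1)  # data bytes carried by one stripe row
    array = [[] for _ in range(disks)]
    for row, start in enumerate(range(0, len(data), per_row)):
        chunk = data[start:start + per_row].ljust(per_row, b"\0")  # pad last row
        units = [chunk[i:i + stripe] for i in range(0, per_row, stripe)]
        units.insert(parity_disk(row, disks), xor_blocks(units))
        for disk, unit in zip(array, units):
            disk.append(unit)
    return array


def read_array(array, length):
    """Reassemble the file from data units, skipping each row's parity unit."""
    out = bytearray()
    for row in range(len(array[0])):
        skip = parity_disk(row, len(array))
        for index, disk in enumerate(array):
            if index != skip:
                out += disk[row]
    return bytes(out[:length])


def rebuild(array):
    """Recompute the one failed disk (marked None) by XOR-ing the survivors."""
    missing = [i for i, disk in enumerate(array) if disk is None]
    if len(missing) != 1:
        # Single parity tolerates exactly one failure; a second loss is fatal.
        raise ValueError("cannot rebuild: %d disks missing" % len(missing))
    survivors = [disk for disk in array if disk is not None]
    array[missing[0]] = [xor_blocks(units) for units in zip(*survivors)]
    return missing[0]


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    # Constructed sample: a 100 kiB "file", the size of the green file on the slides.
    data = bytes(i % 251 for i in range(100 * 1024))
    array = write_array(data)
    print("stripe rows:", len(array[0]))
    print("parity disk per row:", [parity_disk(r) for r in range(len(array[0]))])

    array[2] = None                                   # simulate a failed drive
    print("rebuilt disk:", rebuild(array))
    print("file intact after rebuild:", read_array(array, len(data)) == data)

    array[0] = array[1] = None                        # two failures at once
    try:
        rebuild(array)
    except ValueError as exc:
        print("double failure:", exc)

    print("RAID-5, 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    print("RAID-6, 4 x 500 GB:", usable_capacity([500] * 4, parity_drives=2), "GB")
```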
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
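An added example (not part of the original slides) that checks a recovery sequence against the allowable outage times from the business impact analysis. Resource names, allowable outage times and priorities are taken from the two tables in the slides; the restore-time estimates, the number of recovery teams and every function name are constructed assumptions.

```python
"""Check a recovery sequence against BIA allowable outage times."""
import heapq
from dataclasses import dataclass

PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}


@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: float  # from the Outage Impact table
    priority: str              # from the Recovery Priorities table
    restore_h: float           # constructed estimate, not from the slides


# Resources that appear in both tables; 2 days = 48 h, 4 days = 96 h.
RESOURCES = [
    Resource("Authentication Server", 8, "High", 3.0),
    Resource("Database Server", 8, "High", 5.0),
    Resource("5 Desktop Computers", 8, "High", 2.0),
    Resource("1 Hub", 8, "High", 1.0),
    Resource("E-mail Server", 48, "Medium", 6.0),
    Resource("Printer", 96, "Medium", 1.0),
]


def schedule(resources, teams):
    """Assign restores to `teams` parallel recovery teams.

    Resources are taken in priority order, then by shortest allowable
    outage; ties keep the order of the input list. Returns a list of
    (name, start_h, done_h, within_allowable_outage) tuples.
    """
    order = sorted(
        resources,
        key=lambda r: (PRIORITY_RANK[r.priority], r.allowable_outage_h),
    )
    free_at = [0.0] * teams          # hour at which each team is next free
    heapq.heapify(free_at)
    plan = []
    for r in order:
        start = heapq.heappop(free_at)
        done = start + r.restore_h
        heapq.heappush(free_at, done)
        plan.append((r.name, start, done, done <= r.allowable_outage_h))
    return plan


def breaches(plan):
    """Names of resources restored later than their allowable outage time."""
    return [name for name, _start, _done, ok in plan if not ok]


def min_teams(resources):
    """Smallest team count that meets every allowable outage time.

    Returns None when even one team per resource is not enough, which
    means a restore estimate alone exceeds its allowable outage.
    """
    for teams in range(1, len(resources) + 1):
        if not breaches(schedule(resources, teams)):
            return teams
    return None


if __name__ == "__main__":
    for teams in (1, 2):
        print(f"--- {teams} recovery team(s) ---")
        for name, start, done, ok in schedule(RESOURCES, teams):
            flag = "ok" if ok else "EXCEEDS ALLOWABLE OUTAGE"
            print(f"{name:24s} {start:5.1f}h -> {done:5.1f}h  {flag}")
    print("minimum teams needed:", min_teams(RESOURCES))
```

With the constructed estimates, one team restores the desktops and the hub after the 8-hour limit, while two teams meet every limit.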
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
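The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: block striping with distributed parity, the loss of one disk, and its rebuild from the survivors. The function names, the 4-byte block size, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; tiny on purpose (assumption, real arrays use KiB-sized stripes)


def xor_blocks(blocks):
    """Parity: XOR equal-length blocks together, byte position by byte position."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity as given on the slide: smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk_for(row, n_disks):
    """Rotate the parity block across the disks, one position per stripe row.
    This rotation order is one common layout, assumed here."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, block=BLOCK):
    """Stripe data over n_disks; each row holds n_disks-1 data blocks plus 1 parity block.
    Returns a list of disks, each disk being a list of blocks (one per stripe row)."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[offset + i * block: offset + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def rebuild(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the surviving disks.
    Works for data and parity blocks alike, because each row XORs to zero overall."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot rebuild")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length, block=BLOCK):
    """Reassemble the original byte stream, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Write constructed data to a 4-disk array, lose disk 2, rebuild, read back."""
    data = b"ledger: 2024-Q1 closing balance 1,204,551.07"  # constructed sample
    disks = write_raid5(data, 4)
    original = disks[2]
    disks[2] = None                      # simulated drive failure
    disks[2] = rebuild(disks, 2)         # hot-spare style reconstruction
    return disks[2] == original and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("4 x 500 GB drives, usable:", usable_capacity([500, 500, 500, 500]), "GB")
    print("rebuild after single failure ok:", demo())
```

A second failure before the rebuild finishes raises `RuntimeError`; that is the gap RAID-6 closes with its second parity block.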
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
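Added example (not part of the original slides): block-level striping with rotating XOR parity as described for RAID-5, a rebuild after one drive is lost, and the array-capacity formulas from the RAID LEVELS slides. The function names, the in-memory model of a drive as a list of chunks, and the parity rotation order are assumptions made for illustration.

```python
"""RAID-5 style striping with XOR parity, plus the slides' capacity formulas."""
from functools import reduce

KIB = 1024


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(row, n_drives):
    """Drive index holding parity for a stripe row (assumed rotation order)."""
    return (n_drives - 1 - row) % n_drives


def stripe_with_parity(data, n_drives=4, stripe=16 * KIB):
    """Lay data out in rows of n_drives - 1 data chunks plus one parity chunk.

    Returns a list of drives; each drive is a list of chunks, one per row.
    """
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    per_row = (n_drives - 1) * stripe
    padded = data + bytes(-len(data) % per_row)  # zero-pad the last row
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[start + i * stripe: start + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        chunks.insert(parity_drive(row, n_drives), xor_blocks(chunks))
        for drive, chunk in zip(drives, chunks):
            drive.append(chunk)
    return drives


def rebuild_drive(drives, failed):
    """Recompute every chunk of one failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row_chunks) for row_chunks in zip(*survivors)]


def read_back(drives, length):
    """Reassemble the original data, skipping the parity chunk in each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive(row, n)
        for i in range(n):
            if i != p:
                out += drives[i][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Usable array capacity per the slides' formulas (sizes in one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {           # level: (minimum drives, drives' worth of usable space)
        0: (2, n),      # striping only: 100% when drives are identical
        1: (2, 1),      # mirroring: 50% with exactly 2 drives
        3: (3, n - 1),  # smallest drive * (no. of drives - 1)
        4: (3, n - 1),
        5: (3, n - 1),
        6: (4, n - 2),  # smallest drive * (no. of drives - 2)
    }
    minimum, data_drives = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} does not support {n} drives")
    return smallest * data_drives


def demo():
    """Constructed sample: a 100 kiB file on a four-disk, 16 kiB-stripe array."""
    data = bytes((i * 7 + 3) % 256 for i in range(100 * KIB))  # constructed
    drives = stripe_with_parity(data, n_drives=4, stripe=16 * KIB)
    lost, drives[2] = drives[2], None          # simulate losing drive 2
    drives[2] = rebuild_drive(drives, failed=2)
    return len(drives[0]), drives[2] == lost, read_back(drives, len(data)) == data


if __name__ == "__main__":
    print(demo())
```

A second simultaneous drive loss cannot be rebuilt from single parity, which is why the RAID-6 slide subtracts two drives from the capacity.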
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D): A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your
business has concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel we were lucky having some folks in
Connecticut and some in Maryland. Even if we had lost some of our senior management
at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives
on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread
between three drives, with the fourth containing parity information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives
on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that, as with
RAID 3, the files are evenly spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives
on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives
on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
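Added example (not part of the original slides): the parity technique and the block-level striping with distributed parity described for RAID-5, with the rebuild of one failed disk and the array capacity figures the RAID level slides give. The 4-byte block size, the parity rotation order and the sample record are assumptions made for the illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block (assumption; tiny so the sample is easy to follow)


def xor_blocks(blocks):
    """Parity information: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_position(stripe_no, n_disks):
    """Disk holding the parity block of a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe_no) % n_disks


def stripe_raid5(data, n_disks, block=BLOCK):
    """Block-level striping with distributed parity: one parity block per
    stripe, placed on a different disk for each successive stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_disks - 1)]
        chunks.insert(parity_position(s, n_disks), xor_blocks(chunks))
        for disk, chunk in zip(disks, chunks):
            disk.append(chunk)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.
    A disk that is unavailable is represented as None."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot rebuild a second failed disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_data(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s, stripe in enumerate(zip(*disks)):
        skip = parity_position(s, n)
        out += b"".join(b for i, b in enumerate(stripe) if i != skip)
    return bytes(out[:length])


def usable_capacity(level, sizes):
    """Array capacity per the slides: smallest drive * number of data disks."""
    n, smallest = len(sizes), min(sizes)
    rules = {  # level: (minimum disks, disks' worth of usable space)
        "RAID-0": (2, n),        # no redundancy, 100% efficiency
        "RAID-1": (2, 1),        # mirroring, 50% efficiency
        "RAID-3": (3, n - 1),
        "RAID-4": (3, n - 1),
        "RAID-5": (3, n - 1),
        "RAID-6": (4, n - 2),    # dual distributed parity
    }
    minimum, data_disks = rules[level]
    if n < minimum or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return smallest * data_disks


if __name__ == "__main__":
    sample = b"LEDGER-2024-Q4: constructed sample record"  # constructed input
    array = stripe_raid5(sample, 4)
    original = array[2]
    array[2] = None                        # disk 2 fails
    array[2] = rebuild_disk(array, 2)      # rebuilt from the other three
    print("rebuild matches:", array[2] == original)
    print("data intact:    ", read_data(array, len(sample)) == sample)
    for level in ("RAID-0", "RAID-5", "RAID-6"):
        print(level, usable_capacity(level, [500, 500, 500, 500]), "GB usable")
```

With two disks marked as failed, `rebuild_disk` raises instead of returning wrong data, which is the gap the dual parity of RAID-6 closes.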
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT

Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems

Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre

Remote Journaling
Parallel processing of transactions to an alternate site

Database shadowing
Duplicating the database sites to multiple servers

Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images

NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology

STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology

STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device

Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables applications to operate even if one of the servers is down

Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits

IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter

Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents

Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams

Audit Procedure
Interviewing personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports

Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules

Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media

Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls

Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements

Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation

Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures

Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities

Thanks...

Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation

Examples of Asset
Documents
contracts
guidelines etc.
Hardware
computer
magnetic media etc.
People
personnel
customers etc.

Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation

Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions

Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware

What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets

Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise

Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days

System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low

System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored

Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low

Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities

Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors

Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire

Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning

Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency

Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence

Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency

Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize

Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology

Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective

Control Selection
Which Control?

Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements

Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls

Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available

Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers

Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected

Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators

Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets

Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric

Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority

What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms

What is a Disaster?
A contingency event which is very destructive
Disasters result from threats

Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase

Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker

Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit

Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."

Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective

Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?

Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order

Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers

Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors

Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.

Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions

Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Hot backups are going to be much more popular than they have been in the past

Yellow line shows normal traffic

How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day

Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption

Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period

Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site

Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans

Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incident

Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption

Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel

Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error

Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data

Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities

What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption

Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events

DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations

DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer

DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation

Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity

DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan

Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage

Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams

BCP Techniques
DRP Plan
Top down approach

BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user

BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance

BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach

BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal

BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team

BCP Techniques
Application System Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual

BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical

BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments

BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming

BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions

BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above

BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security

BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders

BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers

BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.

Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption

Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy

Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team

Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency

Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps

Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment

Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property

Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report

Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:

Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it

Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements

Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low

Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux

Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive

Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site

Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive

Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors

Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain

Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing

Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility

Service Bureaus/ASPs
Emergency processing services
Application specific

Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high
fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
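The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck. It assumes XOR as the parity calculation (the function commonly used by parity RAID levels, which the slides do not name), a 4-byte stripe unit, and hypothetical function names.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per stripe unit; tiny so the layout is easy to inspect (assumption)


def xor_parity(units):
    """Byte-wise XOR of equal-length units: redundancy calculated from the data values."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*units))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity unit sits on a different disk in each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Block-level striping with distributed parity.

    Returns one list of stripe units per disk.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = unit * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad to whole rows
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunk = padded[start:start + row_bytes]
        units = [chunk[i:i + unit] for i in range(0, row_bytes, unit)]
        data_units = iter(units)
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_parity(units) if d == p else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk from the surviving disks.

    XOR of all units in a row is zero, so XOR of the survivors yields the
    missing unit whether it held data or parity. One parity unit per row
    covers exactly one missing disk; a second failure is not recoverable.
    """
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_parity(row_units) for row_units in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity unit of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity from the slides: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write constructed sample data, lose one disk, rebuild it, read the data back."""
    data = b"GL-2024-03 ledger batch 0017 (constructed sample)"
    disks = raid5_write(data, n_disks=4)
    lost = disks[2]
    disks[2] = None                      # simulate a failed drive
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and raid5_read(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("RAID-5 capacity, drives of 500/500/400/500 GB:",
          usable_capacity([500, 500, 400, 500]), "GB")
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the later slide.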
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System       8 hours
Database Server        User could not access Inventory System       8 hours
E-mail Server          User could not send e-mail                   2 days
5 Desktop Computers    User could not access Inventory System       8 hours
Hub                    User could not access Inventory System       8 hours
Network Cabling        User could not access Inventory System       8 hours
Electric Power         User could not access Inventory System       8 hours
Printer                User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High; Moderate; Very High; Low; Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujrat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
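The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): data is block-striped with one XOR parity chunk per stripe, one disk is lost, and its contents are rebuilt from the survivors. The 4-byte stripe unit, the parity rotation order, the function names and the sample record are assumptions made for illustration.

```python
"""Block striping with distributed XOR parity (RAID-5 style), simulated in memory."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per chunk; constructed small value (real arrays use e.g. 16 KiB)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length chunks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Rotate the parity chunk one disk to the left per stripe (assumed layout)."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks):
    """Return one list of chunks per disk, with parity distributed across disks."""
    if n_disks < 3:
        raise ValueError("distributed parity needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[offset + i * STRIPE_UNIT: offset + (i + 1) * STRIPE_UNIT]
                  for i in range(n_disks - 1)]
        data_chunks = iter(chunks)
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(chunks))
            else:
                disks[disk].append(next(data_chunks))
    return disks


def rebuild(disks):
    """Recreate a failed disk (marked None) from the surviving disks.

    Every chunk of a stripe, data or parity, equals the XOR of all the others,
    so one missing disk is recoverable; two missing disks are not.
    """
    missing = [i for i, disk in enumerate(disks) if disk is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot recover %d failed disks" % len(missing))
    if not missing:
        return list(disks)
    survivors = [disk for disk in disks if disk is not None]
    restored = list(disks)
    restored[missing[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return restored


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity chunk of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"inventory ledger: constructed sample record"  # constructed input
    array = write_array(record, n_disks=4)
    degraded = list(array)
    degraded[2] = None  # simulate loss of one drive
    print(read_array(rebuild(degraded), len(record)))
    print(usable_capacity([500, 500, 500, 400]))                   # RAID-5 formula
    print(usable_capacity([500, 500, 500, 400], parity_drives=2))  # RAID-6 formula
```

With `parity_drives=2` the capacity function gives the RAID-6 figure; the rebuild shown here covers single parity only.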
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 73
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if the asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
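The risk-comparison formula above, D = (A + B + C) / 3 with a ranking label per score, applied to a small risk register. This is an added example, not part of the original slides: the 1 to 5 scale, the round-half-up rule for fractional measures, and the register entry names are assumptions.

```python
from fractions import Fraction

# Ranking label for each whole-number measure, as in the slide's five rows.
RANKING = {5: "Very High", 4: "High", 3: "Moderate", 2: "Low", 1: "Very Low"}


def risk_measure(asset_cost, likelihood, vulnerability):
    """Return D = (A + B + C) / 3 as an exact fraction.

    Assumption: each factor is an integer score from 1 (lowest) to 5 (highest).
    """
    factors = (("asset_cost", asset_cost), ("likelihood", likelihood),
               ("vulnerability", vulnerability))
    for name, score in factors:
        if not isinstance(score, int) or not 1 <= score <= 5:
            raise ValueError(f"{name} must be an integer from 1 to 5, got {score!r}")
    return Fraction(asset_cost + likelihood + vulnerability, 3)


def risk_ranking(measure):
    """Map a measure to its label.

    Assumption: fractional measures round half up, so a borderline risk is
    never ranked lower than its score suggests.
    """
    return RANKING[int(measure + Fraction(1, 2))]


def rank_register(register):
    """Score every (name, A, B, C) entry and return rows, highest risk first."""
    rows = []
    for name, a, b, c in register:
        d = risk_measure(a, b, c)
        rows.append({"risk": name, "measure": round(float(d), 2),
                     "ranking": risk_ranking(d)})
    # sorted() is stable, so entries with equal measures keep register order.
    return sorted(rows, key=lambda row: row["measure"], reverse=True)


# Constructed register: the first five score triples are the slide's rows,
# the last two are extra fractional cases; all entry names are made up.
REGISTER = [
    ("Database server: disk failure", 4, 5, 3),
    ("E-mail server: power outage", 3, 3, 3),
    ("Authentication server: sabotage", 5, 5, 5),
    ("Hub: fire", 4, 1, 1),
    ("Printer: operator error", 1, 1, 1),
    ("Network cabling: unprotected lines", 5, 2, 3),   # D = 10/3
    ("Desktop computers: weak passwords", 4, 4, 3),    # D = 11/3
]

if __name__ == "__main__":
    for row in rank_register(REGISTER):
        print(f'{row["measure"]:>5}  {row["ranking"]:<10} {row["risk"]}')
```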
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
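Added example (not part of the original slides): a small Python simulation of the RAID-5 technique described above, block level striping with distributed parity, showing how XOR parity lets the array rebuild any one lost hard disk. The function names, the parity rotation order and the sample data are assumptions made for this illustration.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives); use 2 for RAID 6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(row, n_drives):
    """Distributed parity: the parity unit sits on a different drive each row.
    The rotation order is an assumption; real controllers use various layouts."""
    return (n_drives - 1 - row) % n_drives


def write_raid5(data, n_drives, unit=STRIPE_UNIT):
    """Stripe data over n_drives; every row holds n-1 data units and 1 parity unit.
    Returns one list of units (bytes) per drive."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_row = (n_drives - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_row)  # fill the last row
    drives = [[] for _ in range(n_drives)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        units = [padded[offset + i * unit: offset + (i + 1) * unit]
                 for i in range(n_drives - 1)]
        data_units = iter(units)
        p = parity_drive_for(row, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(units) if d == p else next(data_units))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every unit of the failed drive by XOR-ing the surviving drives.
    Works whether the lost unit was data or parity."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row_units) for row_units in zip(*survivors)]


def read_raid5(drives, length, failed=None):
    """Reassemble the original bytes; a single failed drive is rebuilt first."""
    drives = list(drives)
    n = len(drives)
    if failed is not None:
        drives[failed] = rebuild_drive(drives, failed)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive_for(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample: four "files" sized like the slide illustration
    # (4, 20, 100 and 500 kiB), each filled with a different byte value.
    payload = b"".join(bytes([i]) * (kib * 1024)
                       for i, kib in enumerate((4, 20, 100, 500), 1))
    array = write_raid5(payload, n_drives=4)
    print("stripe units per drive:", [len(d) for d in array])
    array[2] = None  # simulate the loss of one hard disk
    ok = read_raid5(array, len(payload), failed=2) == payload
    print("data intact after one drive failure:", ok)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Losing a second drive before the rebuild finishes leaves each row with two unknown units and only one parity equation, which is the case RAID-6 dual parity addresses.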
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 74
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency
action
team
Disaster assessment
team
Recovery management
team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of its high cost
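The parity technique and the array-capacity formulas from the RAID level slides above, as an added Python example (not part of the original deck). The parity rotation order, the zero-padding of the last stripe row and all function names are assumptions made for illustration; the 16 kiB stripe unit is the one used in the slides' illustrations.

```python
from functools import reduce

STRIPE = 16 * 1024  # 16 kiB stripe unit, as in the slides' illustrations

# Minimum drive counts stated on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity from the slides' formulas (any consistent unit)."""
    if level not in MIN_DRIVES:
        raise ValueError(f"no capacity formula on the slides for RAID-{level}")
    n = len(drive_sizes)
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    smallest = min(drive_sizes)
    if level == 0:
        return smallest * n          # striping only: no redundancy
    if level == 1:
        return smallest              # mirroring: 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def xor_blocks(blocks):
    """Parity = byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(row, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left."""
    return (n_drives - 1 - row) % n_drives


def write_raid5(data, n_drives, unit=STRIPE):
    """Stripe data across n_drives with distributed parity.

    Returns one list of blocks per drive; block i of every drive forms row i.
    """
    row_bytes = unit * (n_drives - 1)
    data = data + bytes(-len(data) % row_bytes)  # zero-pad the final row
    drives = [[] for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_drives - 1)]
        remaining = iter(chunks)
        p = parity_drive_for(row, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(remaining))
    return drives


def rebuild(drives):
    """Rebuild the single failed drive (marked None) from the survivors.

    XOR of all surviving blocks in a row yields the missing block, whether
    that block held data or parity. Two failures cannot be recovered.
    """
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return drives[:missing[0]] + [rebuilt] + drives[missing[0] + 1:]


def read_raid5(drives, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive_for(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample: a 100 kiB file, the size of the "green" file.
    sample = bytes(range(256)) * 400
    array = write_raid5(sample, n_drives=4)
    degraded = array[:1] + [None] + array[2:]      # drive 1 fails
    restored = rebuild(degraded)
    print("rebuilt drive matches:", restored == array)
    print("data intact:", read_raid5(restored, len(sample)) == sample)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```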
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 75
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization's business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low           None                None               Long        Fixed
Warm Site      Medium        Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High   Full                Full               Short       Fixed
Mobile Site    High          Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High          Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
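The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: data is striped over four disks with one XOR parity block per stripe, one disk is lost and rebuilt, and a second loss is shown to be unrecoverable. The 16-byte block size (scaled down from the 16 kiB stripe in the illustration), the parity rotation order, the sample data and all function names are assumptions of this sketch.

```python
from functools import reduce

# Constructed sample data standing in for a file written to the array.
SAMPLE = b"constructed ledger batch 0001: " + bytes(range(70))


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as on the slides: smallest drive * (no. of drives - parity)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk holding the parity block of a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks with distributed parity; returns a list of disks,
    each disk being a list of blocks (one block per stripe)."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = n_disks - 1
    stripe_bytes = per_stripe * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i * block_size:(i + 1) * block_size]
                       for i in range(per_stripe)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate the failed disk: each lost block is the XOR of the surviving
    blocks (data and parity) in the same stripe."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("more than one disk lost: single parity cannot rebuild")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, block_size=16)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    array[2] = None                      # simulate one failed drive
    array[2] = rebuild_disk(array, 2)    # rebuild it from the other three
    print("data intact after rebuild:", read_raid5(array, len(SAMPLE)) == SAMPLE)
    array[0] = array[1] = None           # two drives lost at once
    try:
        rebuild_disk(array, 0)
    except ValueError as err:
        print("double failure:", err)
```

A rebuilt array is only as good as its surviving disks, which is why the deck treats RAID as fault tolerance and still requires off-site backups.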
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
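The scoring in the table above, carried through as an added Python example (not part of the original slides): each risk is scored 1 to 5 on A, B and C, D is their average, and the rounded D picks the ranking. The asset and threat names, the two extra rows, the rounding of fractional averages and the acceptable-level threshold are assumptions.

```python
"""Rank risks with the averaging formula from the table: D = (A + B + C) / 3."""
from dataclasses import dataclass

# Rounded measure of risk -> ranking label, as the pairs appear in the table.
RANKING = {1: "Very Low", 2: "Low", 3: "Moderate", 4: "High", 5: "Very High"}
FACTORS = ("asset_cost", "likelihood", "vulnerability")


@dataclass(frozen=True)
class Risk:
    asset: str           # constructed asset name
    threat: str          # constructed threat paired with the asset
    asset_cost: int      # A, scored 1..5
    likelihood: int      # B, scored 1..5
    vulnerability: int   # C, scored 1..5

    def __post_init__(self):
        # Reject scores outside the 1..5 scale so a typo cannot skew the ranking.
        for name in FACTORS:
            value = getattr(self, name)
            if isinstance(value, bool) or not isinstance(value, int) or not 1 <= value <= 5:
                raise ValueError(f"{self.asset}: {name} must be an integer 1..5, got {value!r}")

    @property
    def measure(self):
        """D = (A + B + C) / 3."""
        return (self.asset_cost + self.likelihood + self.vulnerability) / 3

    @property
    def ranking(self):
        # Assumption: averages that are not whole numbers are rounded to the
        # nearest ranking. A sum of three integers divided by 3 never ends in .5,
        # so there is no tie to break.
        return RANKING[round(self.measure)]


def rank_risks(risks):
    """Highest measure first; ties go to the more valuable asset, then by name."""
    return sorted(risks, key=lambda r: (-r.measure, -r.asset_cost, r.asset))


def needs_treatment(risks, acceptable_measure):
    """Risks whose measure is above the residual level the organization accepts."""
    return [r for r in rank_risks(risks) if r.measure > acceptable_measure]


# The five score rows of the table; asset and threat names are constructed.
REGISTER = [
    Risk("Inventory database", "disk failure", 4, 5, 3),
    Risk("E-mail server", "power outage", 3, 3, 3),
    Risk("Customer list", "ex-employee access", 5, 5, 5),
    Risk("Backup tapes", "flood", 4, 1, 1),
    Risk("Printer", "fire", 1, 1, 1),
    # Constructed extra rows whose averages are not whole numbers.
    Risk("Authentication server", "password same as userid", 5, 4, 4),
    Risk("User manuals", "unlocked door", 2, 2, 1),
]

if __name__ == "__main__":
    for r in rank_risks(REGISTER):
        print(f"{r.asset:<22} {r.threat:<26} D={r.measure:.2f}  {r.ranking}")
    print("Above acceptable level 3:", [r.asset for r in needs_treatment(REGISTER, 3)])
```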
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
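An added Python example, not from the original slides, that cross-checks the allowable outage times from the outage impact table against the recovery priorities above and grades a recovery drill against them. The drill timings are constructed, and "Hub" stands for the entry shown as "1 Hub" in the priorities table.

```python
"""Cross-check BIA tables and grade a recovery drill against allowable outage."""
import re
from datetime import timedelta

# Allowable outage times from the "Outage Impact & Allowable Outage Times" table.
ALLOWABLE_OUTAGE = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# Priorities from the "Develop Recovery Priorities" table ("Hub" is "1 Hub" there).
RECOVERY_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low",
    "Remaining Hub (5)": "Low",
}

# Constructed drill results: hours taken to restore (None = not exercised).
DRILL_HOURS = {
    "Authentication Server": 3.5,
    "Database Server": 11.0,
    "E-mail Server": 30.0,
    "5 Desktop Computers": 6.0,
    "Hub": 1.0,
    "Printer": None,
}

_UNITS = {"minute": "minutes", "hour": "hours", "day": "days"}
_PRIORITY_ORDER = {"High": 0, "Medium": 1, "Low": 2, None: 3}


def parse_outage(text):
    """Turn '8 hours', '2 days' or '30 minutes' into a timedelta."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+)?)\s*(minute|hour|day)s?\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return timedelta(**{_UNITS[m.group(2).lower()]: float(m.group(1))})


def cross_check(outage, priority):
    """Resources that appear in one table but not in the other."""
    return {
        "no_priority": sorted(set(outage) - set(priority)),
        "no_outage_time": sorted(set(priority) - set(outage)),
    }


def evaluate_drill(outage, priority, drill_hours):
    """Grade each resource; highest priority first, problems before passes."""
    findings = []
    for resource, text in outage.items():
        allowed = parse_outage(text)
        hours = drill_hours.get(resource)
        if hours is None:
            status = "NOT TESTED"
        elif timedelta(hours=hours) > allowed:
            status = "EXCEEDED"
        else:
            status = "OK"
        findings.append({
            "resource": resource,
            "priority": priority.get(resource),   # None when no priority was assigned
            "allowed_hours": allowed.total_seconds() / 3600,
            "measured_hours": hours,
            "status": status,
        })
    findings.sort(key=lambda f: (_PRIORITY_ORDER[f["priority"]], f["status"] == "OK", f["resource"]))
    return findings


if __name__ == "__main__":
    print(cross_check(ALLOWABLE_OUTAGE, RECOVERY_PRIORITY))
    for f in evaluate_drill(ALLOWABLE_OUTAGE, RECOVERY_PRIORITY, DRILL_HOURS):
        print(f"{str(f['priority']):<7} {f['resource']:<22} allowed {f['allowed_hours']:>5.1f} h  "
              f"measured {f['measured_hours']}  {f['status']}")
```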
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
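Added example (not part of the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed parity, showing that data stays readable with one failed drive, that the drive can be rebuilt from the survivors, and that a second failure loses the data. The class and function names and the parity rotation order are assumptions chosen for illustration; the sample record is constructed.

```python
"""Toy RAID-5 model: block-level striping with distributed (rotating) parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity from the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


class Raid5:
    def __init__(self, n_drives, block_size=4):
        if n_drives < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.bs = n_drives, block_size
        self.drives = [[] for _ in range(n_drives)]  # one list of blocks per drive
        self.stripes = 0
        self.length = 0

    def parity_drive(self, stripe):
        """Parity moves to a different drive on each stripe (assumed rotation order)."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Split data into stripes of n-1 data blocks plus one parity block."""
        self.length = len(data)
        per_stripe = self.bs * (self.n - 1)
        self.stripes = -(-len(data) // per_stripe)  # ceiling division
        data = data.ljust(self.stripes * per_stripe, b"\0")
        self.drives = [[] for _ in range(self.n)]
        for s in range(self.stripes):
            chunk = data[s * per_stripe:(s + 1) * per_stripe]
            blocks = [chunk[i:i + self.bs] for i in range(0, per_stripe, self.bs)]
            blocks.insert(self.parity_drive(s), xor_blocks(blocks))
            for drive, block in zip(self.drives, blocks):
                drive.append(block)

    def fail(self, d):
        """Simulate the loss of drive d."""
        self.drives[d] = None

    def _stripe(self, s):
        """Return all n blocks of stripe s, recomputing a missing one by XOR."""
        failed = [d for d in range(self.n) if self.drives[d] is None]
        if len(failed) > 1:
            raise IOError("RAID-5 tolerates only one failed drive")
        blocks = [None if d in failed else self.drives[d][s] for d in range(self.n)]
        if failed:
            blocks[failed[0]] = xor_blocks([b for b in blocks if b is not None])
        return blocks

    def read(self):
        """Read the data back, working in degraded mode if one drive is down."""
        out = bytearray()
        for s in range(self.stripes):
            blocks = self._stripe(s)
            del blocks[self.parity_drive(s)]  # drop parity, keep data blocks
            out += b"".join(blocks)
        return bytes(out[:self.length])

    def rebuild(self, d):
        """Regenerate a replaced drive from the surviving drives."""
        if self.drives[d] is not None:
            raise ValueError("drive is not marked as failed")
        self.drives[d] = [self._stripe(s)[d] for s in range(self.stripes)]


def demo():
    """Return (degraded read ok, read after rebuild ok, survived double failure)."""
    record = b"LEDGER: acct 1001 debit 250.00; acct 2002 credit 250.00"  # constructed
    array = Raid5(n_drives=4, block_size=4)
    array.write(record)
    array.fail(2)
    degraded_ok = array.read() == record
    array.rebuild(2)
    rebuilt_ok = array.read() == record
    array.fail(0)
    array.fail(1)
    try:
        array.read()
        survived = True
    except IOError:
        survived = False
    return degraded_ok, rebuilt_ok, survived


if __name__ == "__main__":
    print(demo())
    print(usable_capacity([500, 500, 250, 500]))
```

The double-failure case is why a parity array does not replace the off-site backups covered earlier in the deck.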
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                             Recovery Priority
Authentication Server                High
Database Server                      High
5 Desktop Computers                  High
1 Hub                                High
E-mail Server                        Medium
Printer                              Medium
Remaining Desktop Computers (45)     Low
Remaining Hub (5)                    Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
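The parity and RAID-5 slides above, as an added example that is not part of the original slides: a small Python model of block-level striping with distributed XOR parity, rebuilding a lost disk and applying the "smallest drive * (no. of drives - 1)" capacity rule. The 4-byte stripe unit, the parity rotation order, the function names and the sample record are assumptions chosen for the illustration.

```python
"""RAID-5 style block striping with distributed XOR parity (illustrative model)."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; assumed small value so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe_index, n_disks):
    """Rotate the parity block across the disks (assumed rotation order)."""
    return (n_disks - 1 - stripe_index) % n_disks


def write_array(data, n_disks):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        p = parity_disk(s, n_disks)
        data_iter = iter(blocks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one lost disk by XOR-ing the surviving disks.

    With single parity only one missing disk per array can be recomputed.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n)
        for d in range(n):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write a record, lose one disk, rebuild it, and read the data back."""
    data = b"LEDGER:constructed sample record for the demo"  # constructed input
    disks = write_array(data, n_disks=4)
    original = disks[2]
    disks[2] = None                      # simulate the failure of disk 2
    disks[2] = rebuild_disk(disks, 2)    # hot-spare style rebuild from parity
    return {
        "rebuilt_matches": disks[2] == original,
        "data_intact": read_array(disks, len(data)) == data,
        "parity_positions": [parity_disk(s, 4) for s in range(4)],
        "usable_gb": usable_capacity([500, 500, 400, 500]),
    }


if __name__ == "__main__":
    print(demo())
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the slides, smallest drive * (no. of drives - 2).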
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                Allowable Outage Time
Authentication Server   User could not access Inventory System       8 hours
Database Server         User could not access Inventory System       8 hours
E-mail Server           User could not send e-mail                   2 days
5 Desktop Computers     User could not access Inventory System       8 hours
Hub                     User could not access Inventory System       8 hours
Network Cabling         User could not access Inventory System       8 hours
Electric Power          User could not access Inventory System       8 hours
Printer                 User could not produce Inventory Reports     4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular
because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
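The parity idea behind RAID-3, 4 and 5 and the "smallest drive * (no. of drives - 1)" capacity rule can be seen in a short model. The following Python sketch is an added example, not part of the original slides: it stripes a byte string over several disks with rotating XOR parity, then rebuilds a failed disk. The function names, the 4-byte block size and the sample record are assumptions made for illustration.

```python
"""Illustrative model of RAID-5: block striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed small value so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks):
    """Stripe data over n_disks, moving the parity block to a new disk each stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity_disk = (n_disks - 1 - s) % n_disks  # distributed, not dedicated, parity
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == parity_disk else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot survive a second disk failure")
    # Data XOR parity is zero across a stripe, so the missing block is the
    # XOR of everything that is left, whether it held data or parity.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n - 1 - s) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"constructed ledger record: acct 0042 +150.00"  # constructed sample data
    array = write_raid5(record, 4)
    array[2] = None                       # simulate loss of one drive
    array[2] = rebuild_disk(array, 2)     # rebuild onto a replacement drive
    print(read_raid5(array, len(record)))
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A second failure before the rebuild finishes raises the error above, which is the case RAID-6's dual parity (drives - 2 in the capacity rule) is meant to cover.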
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 79
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical: Data, Information, Software, Documentation
Physical: People, Hardware, Facilities, Documentation, Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization's business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.  Change Comment  Date of Change  Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
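The parity and RAID-5 slides above, worked as an added example that is not part of the original deck: a toy four-disk array with a 16 kiB stripe unit that computes XOR parity, survives one failed disk, and applies the slides' capacity formulas. The class and function names and the parity rotation order are assumptions made for illustration; real controllers use their own layouts.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe unit, as in the slide's illustration


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, level):
    """Usable capacity per the slides: smallest drive * (drives - parity drives).

    RAID-0 and RAID-1 are derived from the stated 100% / 50% storage efficiency.
    """
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} does not support {n} drives")
    data_drives = {0: n, 1: 1, 3: n - 1, 4: n - 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_drives


class Raid5:
    """Block-level striping with distributed parity (illustrative model only)."""

    def __init__(self, disks=4, unit=STRIPE_UNIT):
        if disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.unit = disks, unit
        self.disks = [[] for _ in range(disks)]
        self.rows = self.length = 0

    def parity_disk(self, row):
        # Assumed rotation: parity moves one disk to the left on each stripe row.
        return (self.n - 1 - row) % self.n

    def write(self, data):
        """Stripe data across the disks, adding one parity block per row."""
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_row = self.unit * (self.n - 1)
        for row, start in enumerate(range(0, len(data), per_row)):
            chunk = data[start:start + per_row].ljust(per_row, b"\0")
            units = [chunk[i:i + self.unit] for i in range(0, per_row, self.unit)]
            units.insert(self.parity_disk(row), xor_blocks(units))
            for disk, block in zip(self.disks, units):
                disk.append(block)
        self.rows = len(self.disks[0])

    def fail(self, index):
        self.disks[index] = None  # simulate a dead drive

    def rebuild(self, index):
        """Recreate a replaced disk by XOR-ing the surviving blocks of each row."""
        survivors = [d for i, d in enumerate(self.disks) if i != index]
        if any(d is None for d in survivors):
            raise RuntimeError("RAID-5 cannot recover from two failed disks")
        self.disks[index] = [xor_blocks(row) for row in zip(*survivors)]

    def read(self):
        """Return the data; a single missing block is recomputed from parity."""
        if sum(d is None for d in self.disks) > 1:
            raise RuntimeError("RAID-5 cannot recover from two failed disks")
        out = bytearray()
        for row in range(self.rows):
            for i, disk in enumerate(self.disks):
                if i == self.parity_disk(row):
                    continue  # parity block carries no file data
                if disk is None:  # degraded read
                    out += xor_blocks([d[row] for d in self.disks if d is not None])
                else:
                    out += disk[row]
        return bytes(out[:self.length])


def demo():
    data = bytes(range(256)) * 400  # constructed 100 kiB sample "file"
    array = Raid5(disks=4)
    array.write(data)
    array.fail(2)
    degraded_ok = array.read() == data  # one disk down: still readable
    array.rebuild(2)
    rebuilt_ok = array.read() == data   # replacement disk rebuilt from parity
    array.fail(0)
    array.fail(1)
    try:
        array.read()
        double_failure = "readable"
    except RuntimeError:
        double_failure = "lost"         # fault tolerance ends at one disk
    return degraded_ok, rebuilt_ok, double_failure


if __name__ == "__main__":
    print(demo(), array_capacity([500, 500, 500, 500], 5))
```

The double-failure case is the reason RAID is a fault-tolerance measure and not a substitute for the off-site backups covered earlier in the deck.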
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 80
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                              Allowable Outage Time
Authentication Server  User could not access Inventory System     8 hours
Database Server        User could not access Inventory System     8 hours
E-mail Server          User could not send e-mail                 2 days
5 Desktop Computers    User could not access Inventory System     8 hours
Hub                    User could not access Inventory System     8 hours
Network Cabling        User could not access Inventory System     8 hours
Electric Power         User could not access Inventory System     8 hours
Printer                User could not produce Inventory Reports   4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization's business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB in
size; the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB. Notice that,
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
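The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in 16 kiB blocks across four disks with XOR parity, one disk is lost, and its contents are rebuilt from the survivors. The parity rotation order, the function names and the sample files are assumptions made for this illustration; the file sizes follow the slide captions.

```python
"""RAID 5 in miniature: block-level striping with distributed XOR parity."""

STRIPE = 16 * 1024  # 16 kiB stripe unit, the size used in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks together."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Stripe data over n_disks; every row holds n_disks-1 data blocks and 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping the parity block in each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute a failed disk: each lost block is the XOR of the surviving blocks
    in the same row, whether the lost block held data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks([d[row] for d in survivors])
            for row in range(len(survivors[0]))]


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity from the slides: size of smallest drive * (no. of drives - 1);
    pass parity_drives=2 for the RAID 6 formula."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def sample_files():
    """Constructed sample data: four 'files' of 4, 20, 100 and 500 kiB."""
    sizes_kib = [4, 20, 100, 500]
    return b"".join(bytes([65 + i]) * (k * 1024) for i, k in enumerate(sizes_kib))


def demo():
    data = sample_files()
    disks = raid5_write(data, n_disks=4)
    original = disks[2]
    disks[2] = None                      # simulate the loss of one drive
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original and raid5_read(disks, len(data)) == data


if __name__ == "__main__":
    print("rows per disk:", len(raid5_write(sample_files(), 4)[0]))
    print("rebuild and read-back succeeded:", demo())
    print("usable capacity of 4 x 500 GB (RAID 5):", usable_capacity([500] * 4), "GB")
```

Losing a second disk before the rebuild finishes leaves two unknown blocks per row and a single XOR equation, which is why RAID 5 tolerates exactly one drive failure.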
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
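The parity technique and the array-capacity figures from the RAID slides above, worked through as an added example that is not part of the original deck: a RAID-5 style layout with rotating XOR parity, the rebuild of one failed drive from the survivors, and the slides' capacity formulas. The function names, the 16-byte stripe and the sample data are assumptions made for the illustration.

```python
"""Added illustration: RAID-5 style striping with distributed XOR parity."""
from functools import reduce

# Constructed sample data standing in for a file written to the array.
SAMPLE = b"constructed ledger record 0001;" * 7


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, n_drives, stripe):
    """Stripe data across n_drives, rotating the parity block row by row."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    drives = [[] for _ in range(n_drives)]
    row_bytes = stripe * (n_drives - 1)          # data bytes held by one row
    for row, offset in enumerate(range(0, len(data), row_bytes)):
        chunk = data[offset:offset + row_bytes].ljust(row_bytes, b"\0")
        blocks = [chunk[i:i + stripe] for i in range(0, row_bytes, stripe)]
        parity_drive = (n_drives - 1 - row) % n_drives
        blocks.insert(parity_drive, xor_blocks(blocks))
        for drive, block in zip(drives, blocks):
            drive.append(block)
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    The XOR of all blocks in a row is zero, so the missing block (data or
    parity) equals the XOR of the blocks that are still readable.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover two failed drives")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the data, skipping the rotating parity block in each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        parity_drive = (n - 1 - row) % n
        for d in range(n):
            if d != parity_drive:
                out += drives[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' formulas (sizes in any single unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}[level]
    if n < minimum or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == "0":
        return smallest * n          # 100% efficiency when drives are identical
    if level == "1":
        return smallest              # 50% efficiency: one mirrored copy
    if level in ("3", "4", "5"):
        return smallest * (n - 1)    # one drive's worth of parity
    return smallest * (n - 2)        # RAID-6: two drives' worth of parity


def demo():
    """Write the sample, lose drive 2, rebuild it, and read the data back."""
    drives = write_raid5(SAMPLE, n_drives=4, stripe=16)
    lost = 2
    damaged = [d if i != lost else None for i, d in enumerate(drives)]
    damaged[lost] = rebuild_drive(damaged, lost)
    return read_raid5(damaged, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("data intact after rebuild:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity("5", [500] * 4), "GB usable")
```

The rebuild reads every surviving drive in full, which is why a second failure during that window is the case RAID-6's extra parity is paid for.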
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple server sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 82
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
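The parity and RAID-5 slides above, as an added example that is not part of the original deck: a Python sketch of block-level striping with distributed parity on the four-disk, 16 KiB stripe layout of the illustration, including rebuild after one drive is lost. The function names, the parity rotation order and the sample data are assumptions made for illustration; real controllers use their own layouts.

```python
"""RAID 5 sketch: block-level striping with distributed parity (added example)."""

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide's four-disk illustration


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe (assumed rotation: last disk first)."""
    return (n_disks - 1 - stripe) % n_disks


def usable_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def write_array(data, n_disks=4, unit=STRIPE_UNIT):
    """Return one list of stripe units per disk, parity rotating across the disks."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        units = [padded[off + i * unit: off + (i + 1) * unit]
                 for i in range(n_disks - 1)]
        # Parity is computed from the data units, then slotted into its disk.
        units.insert(parity_disk(stripe, n_disks), xor_blocks(units))
        for disk, chunk in zip(disks, units):
            disk.append(chunk)
    return disks


def rebuild_disk(disks, failed):
    """Recompute a lost disk by XOR-ing the surviving units of every stripe."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(units) for units in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the data; a failed disk is represented by None."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 survives one failed disk; "
                           "with two or more, restore from backup")
    disks = list(disks)
    if failed:
        disks[failed[0]] = rebuild_disk(disks, failed[0])
    out = bytearray()
    for stripe in range(len(disks[0])):
        skip = parity_disk(stripe, len(disks))
        for i, disk in enumerate(disks):
            if i != skip:
                out += disk[stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample: a 100 KiB "file", like the green file on the slide.
    data = bytes(i % 251 for i in range(100 * 1024))
    disks = write_array(data)
    disks[2] = None  # simulate the loss of one drive
    assert read_array(disks, len(data)) == data
    print("recovered", len(data), "bytes with disk 2 missing")
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

The two-disk failure case raises instead of returning data, which is the reason the plan still needs the backup and off-site storage arrangements covered earlier.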
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other
financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB
in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is the assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated
people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
mainframe computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology Infrastructure Library
A collection of best practices in IT service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control objectives considered to be good or best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
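The capacity rule and the parity technique from the RAID slides above, worked through as an added Python example (not part of the original presentation). It models RAID-5 style block striping with distributed parity; the function names, the 4-byte chunk size, the parity rotation order and the sample record are assumptions made for illustration.

```python
from functools import reduce

# Minimum drive count and number of data-bearing drives per level,
# as stated on the RAID-level slides (n = drives in the array).
RAID_RULES = {
    "0": (2, lambda n: n),       # striping without parity: 100% efficiency
    "1": (2, lambda n: 1),       # mirroring on exactly 2 disks: 50% efficiency
    "3": (3, lambda n: n - 1),   # byte-level striping, dedicated parity
    "4": (3, lambda n: n - 1),   # block-level striping, dedicated parity
    "5": (3, lambda n: n - 1),   # block-level striping, distributed parity
    "6": (4, lambda n: n - 2),   # block-level striping, dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * number of data-bearing drives."""
    min_drives, data_drives = RAID_RULES[level]
    n = len(drive_sizes)
    if n < min_drives or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    return min(drive_sizes) * data_drives(n)


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, chunk=4):
    """Stripe data over n_drives, storing one parity chunk per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = chunk * (n_drives - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(stripe, n_drives)
            drives[d].append(parity if is_parity else next(remaining))
    return drives


def raid5_rebuild(drives, failed):
    """Recreate the failed drive by XOR-ing the surviving chunks of each stripe."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover more than one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity chunk of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(stripe, n):
                out += drives[d][stripe]
    return bytes(out[:length])


# Constructed sample data standing in for critical business records.
SAMPLE = b"INV-0001;INV-0002;INV-0003;INV-0004;INV-0005"

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4)
    lost = array[2]
    array[2] = None                      # simulate one failed disk
    array[2] = raid5_rebuild(array, 2)   # rebuild it from data + parity
    print("rebuilt drive matches:", array[2] == lost)
    print("data intact:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, 3x500 + 1x400:", usable_capacity("5", [500, 500, 500, 400]))
```

A second failed drive makes `raid5_rebuild` raise, which is the practical limit of single parity and the reason RAID-6 carries a second parity block.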
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to multiple servers sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB
in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
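The parity and RAID-5 slides above describe redundancy "calculated from the actual data values" and block-level striping with distributed parity. The following is an added example, not part of the original slides, that models this with XOR parity, rebuilds a failed disk, and applies the slides' capacity formula; the stripe unit, the parity rotation order and the sample record are assumptions made for the illustration.

```python
"""Model of RAID-5: block-level striping with distributed XOR parity.

Added illustration; stripe unit, parity rotation and the sample record are
constructed assumptions, not values from the slides.
"""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block (assumed; tiny so the layout is easy to inspect)
RECORD = b"ledger: acct 4471 credit 1250.00"  # constructed sample data


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across disks so no single disk holds all parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = unit * (n_disks - 1)            # data bytes carried by one stripe
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        data_blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity = xor_blocks(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def read_array(disks, length, unit=STRIPE_UNIT):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def recover(disks, length):
    """Read the array with failed disks marked as None.

    Single parity tolerates exactly one failure; a second one is data loss
    and has to come back from backup instead.
    """
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise RuntimeError("single parity cannot recover %d failed disks" % len(missing))
    if missing:
        disks = list(disks)
        disks[missing[0]] = rebuild_disk(disks, missing[0])
    return read_array(disks, length)


def usable_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = write_array(RECORD, 4)
    array[2] = None                                  # simulate one failed disk
    print(recover(array, len(RECORD)))               # data survives one failure
    print(usable_capacity([500, 500, 500, 250]))     # mixed sizes: smallest drive rules
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the slides; the rebuild logic here covers single parity only.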
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 86
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Table columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability (C), Measure of Risk (D: A+B+C), Risk Ranking (E)
Risk rankings listed: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Tele Communication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
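The parity and RAID-5 slides above describe redundancy information calculated from the data and block-level striping with distributed parity. The following sketch is an added example, not part of the original presentation: it stripes a file over four disks with a 16 kiB stripe size (the figures used in the slide illustrations), rebuilds one failed disk from XOR parity, and applies the slide's array capacity formula. The function names, the parity rotation order and the sample data are assumptions of this example.

```python
# Added illustration: RAID-5 style block striping with distributed XOR parity.
# Function names, the parity rotation order and the sample data are assumptions
# made for this example; real controllers use their own on-disk layouts.

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations
NUM_DISKS = 4            # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: bytewise XOR of equal-length blocks."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(stripe_no, num_disks=NUM_DISKS):
    """Disk holding the parity block of a stripe (moves to another disk each stripe)."""
    return (num_disks - 1 - stripe_no) % num_disks


def write_array(data, num_disks=NUM_DISKS, unit=STRIPE_UNIT):
    """Stripe data over num_disks disks; each disk is a list of unit-sized blocks."""
    per_stripe = (num_disks - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(num_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe_no, num_disks)
        for d in range(num_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute a failed disk, block by block, from all surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk(stripe_no, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe_no]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write a constructed 100 KiB file, lose disk 2, rebuild it, read the file back."""
    data = bytes((i * 7 + 3) % 256 for i in range(100 * 1024))  # constructed sample
    disks = write_array(data)
    original = disks[2]
    disks[2] = None                           # simulated drive failure
    disks[2] = rebuild_disk(disks, failed=2)  # XOR of the three survivors
    return disks[2] == original, read_array(disks, len(data)) == data


if __name__ == "__main__":
    print(demo())                                # (True, True)
    print([parity_disk(s) for s in range(5)])    # [3, 2, 1, 0, 3]
    print(array_capacity([500, 500, 250, 500]))  # 750
```

Passing parity_drives=2 to array_capacity gives the RAID-6 capacity formula from the slides; the rebuild shown here covers single parity only.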
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & striping without parity
Most popular of the multiple RAID levels
Minimum 4 hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 87
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit,
users, telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
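Added example (not part of the original slides): a small Python model of the PARITY and RAID-5 slides, showing block-level striping with rotating XOR parity, the rebuild of one failed drive from the survivors, and the slides' capacity formula. The function names, the parity rotation order and the sample payload are assumptions made for illustration; XOR is the parity operation RAID 5 uses.

```python
"""RAID 5 model: block-level striping with distributed XOR parity (added example)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Slide formula for RAID 3/4/5: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive(stripe_no, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left each stripe."""
    return (n_drives - 1 - stripe_no) % n_drives


def write_array(data, n_drives, block_size):
    """Stripe data so each stripe holds (n_drives - 1) data blocks and one parity block."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad to whole stripes
    drives = [[] for _ in range(n_drives)]
    for stripe_no in range(len(padded) // stripe_bytes):
        chunk = padded[stripe_no * stripe_bytes:(stripe_no + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        p = parity_drive(stripe_no, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(data_iter))
    return drives


def rebuild(drives, failed):
    """Recompute the blocks of one failed drive by XOR-ing the surviving drives.

    Single parity covers exactly one failure; a second failed drive means data loss.
    """
    failed = sorted(set(failed))
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed[0]]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(drives, length):
    """Reassemble the original bytes, skipping the parity block of every stripe."""
    out = bytearray()
    n_drives = len(drives)
    for stripe_no in range(len(drives[0])):
        p = parity_drive(stripe_no, n_drives)
        for d in range(n_drives):
            if d != p:
                out += drives[d][stripe_no]
    return bytes(out[:length])


SAMPLE = b"constructed sample payload for the RAID 5 demo"  # constructed input

if __name__ == "__main__":
    array = write_array(SAMPLE, n_drives=4, block_size=4)
    array[2] = [b"\x00" * 4] * len(array[2])      # drive 2 fails and is replaced blank
    array[2] = rebuild(array, [2])                # rebuilt from drives 0, 1 and 3
    print(read_array(array, len(SAMPLE)) == SAMPLE)
    print(usable_capacity([500, 500, 500, 500]))  # four 500 GB drives
    try:
        rebuild(array, [0, 1])                    # two failures exceed single parity
    except ValueError as err:
        print("unrecoverable:", err)
```

The rebuild works because each stripe's parity block is the XOR of its data blocks, so any one missing block equals the XOR of all the others. That is also why the array gives up one drive's worth of capacity.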
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 but not popular as cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
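The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: data is block-striped with a rotating parity block, one drive is lost, and its contents are rebuilt from the survivors. Function names, the parity rotation order, zero padding of the last stripe and the sample data are assumptions made for this illustration; the capacity rules are the ones stated on the RAID level slides.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    # Assumed rotation: parity starts on the last drive and moves left per stripe.
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Block-level striping with distributed parity; returns one block list per drive."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return drives


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) by XOR-ing the survivors."""
    lost = [i for i, d in enumerate(drives) if d is None]
    if len(lost) != 1:
        raise RuntimeError(f"{len(lost)} drives lost; single parity recovers exactly one")
    survivors = [d for d in drives if d is not None]
    # Per stripe, XOR of all surviving blocks equals the missing block,
    # whether that block held data or parity.
    return lost[0], [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, sizes):
    """Array capacity per the slides; sizes are drive sizes in any one unit."""
    n, smallest = len(sizes), min(sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum or n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("unsupported level or drive count")
    if level == 0:
        return smallest * n        # no redundancy; unequal drives assumed cut to smallest
    if level == 1:
        return smallest            # 50% storage efficiency
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    payload = bytes(range(256)) * 3 + b"constructed sample"  # constructed input
    array = raid5_write(payload, n_drives=4, block_size=16)
    array[2] = None                                  # simulate one failed disk
    index, blocks = raid5_rebuild(array)
    array[index] = blocks
    print("recovered intact:", raid5_read(array, len(payload)) == payload)
    print("RAID-5 capacity of 4 x 500:", usable_capacity(5, [500] * 4))
```
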
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 89
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
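The allowable outage times from the BIA and the recovery priorities above can be cross-checked mechanically: a supporting resource can never be allowed a longer outage than the resources that depend on it, and recovery has to proceed in dependency order. The Python below is an added example, not part of the original slides; the outage hours come from the Outage Impact table, while the dependency map and all function names are assumptions constructed for illustration.

```python
import heapq

# Allowable outage times in hours, from the Outage Impact table
# (2 days = 48 h, 4 days = 96 h).
ALLOWABLE_OUTAGE_H = {
    "Authentication Server": 8,
    "Database Server": 8,
    "E-mail Server": 48,
    "5 Desktop Computers": 8,
    "Hub": 8,
    "Network Cabling": 8,
    "Electric Power": 8,
    "Printer": 96,
}

# Assumption (constructed for this example): what each resource needs
# to be running before it can itself be brought back.
DEPENDS_ON = {
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Electric Power", "Hub"],
    "Database Server": ["Electric Power", "Hub", "Authentication Server"],
    "E-mail Server": ["Electric Power", "Hub"],
    "5 Desktop Computers": ["Electric Power", "Hub",
                            "Authentication Server", "Database Server"],
    "Printer": ["Electric Power", "Hub"],
}


def _validate(allowable, depends_on):
    """Every resource named in the dependency map must appear in the BIA."""
    for res, deps in depends_on.items():
        for name in [res, *deps]:
            if name not in allowable:
                raise ValueError(f"{name!r} has no allowable outage time in the BIA")


def effective_outage(allowable, depends_on):
    """Tightest deadline per resource: its own allowable outage, or that of
    anything that depends on it (directly or transitively), if shorter."""
    _validate(allowable, depends_on)
    effective = dict(allowable)
    changed = True
    while changed:  # fixpoint; values only decrease, so this terminates
        changed = False
        for res, deps in depends_on.items():
            for dep in deps:
                if effective[dep] > effective[res]:
                    effective[dep] = effective[res]
                    changed = True
    return effective


def bia_inconsistencies(allowable, depends_on):
    """Resources whose stated allowable outage is longer than a dependant
    can tolerate, as (resource, stated hours, required hours)."""
    effective = effective_outage(allowable, depends_on)
    return sorted((r, allowable[r], effective[r])
                  for r in allowable if effective[r] < allowable[r])


def recovery_order(allowable, depends_on):
    """Order in which to restore resources: dependencies first, and among
    the resources that are ready, the tightest effective deadline first."""
    effective = effective_outage(allowable, depends_on)
    pending = {r: set(depends_on.get(r, [])) for r in allowable}
    dependants = {r: [] for r in allowable}
    for res, deps in pending.items():
        for dep in deps:
            dependants[dep].append(res)
    ready = [(effective[r], r) for r, deps in pending.items() if not deps]
    heapq.heapify(ready)
    order = []
    while ready:
        _, res = heapq.heappop(ready)
        order.append(res)
        for child in dependants[res]:
            pending[child].discard(res)
            if not pending[child]:
                heapq.heappush(ready, (effective[child], child))
    if len(order) != len(allowable):
        stuck = sorted(set(allowable) - set(order))
        raise ValueError(f"dependency cycle among: {stuck}")
    return order


if __name__ == "__main__":
    for step, res in enumerate(recovery_order(ALLOWABLE_OUTAGE_H, DEPENDS_ON), 1):
        print(f"{step}. {res} (within {ALLOWABLE_OUTAGE_H[res]} h)")
    print("Inconsistencies:", bia_inconsistencies(ALLOWABLE_OUTAGE_H, DEPENDS_ON))
```

With the slide's figures the resulting order puts power, cabling, hub, authentication, database and the five desktops ahead of e-mail and the printer, which agrees with the High/Medium split in the priority table.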
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
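The parity technique and the RAID-5 capacity formula from the slides above, worked through as an added example that is not part of the original deck. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(stripe_no, n_drives):
    """Rotate the parity block across drives (rotation order is an assumption)."""
    return (n_drives - 1 - stripe_no) % n_drives


def raid5_write(data, n_drives=4, block_size=16):
    """Stripe data over n_drives; each stripe gets one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    stripe_bytes = (n_drives - 1) * block_size
    # Pad the tail so the last stripe is complete.
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    drives = [[] for _ in range(n_drives)]
    for stripe_no in range(len(padded) // stripe_bytes):
        chunk = padded[stripe_no * stripe_bytes:(stripe_no + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        p = parity_drive_for(stripe_no, n_drives)
        data_iter = iter(blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(data_iter))
    return drives


def raid5_rebuild(drives, failed):
    """Recompute the failed drive: XOR of the surviving blocks in each stripe."""
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    for stripe_no, stripe in enumerate(zip(*drives)):
        p = parity_drive_for(stripe_no, len(drives))
        for d, block in enumerate(stripe):
            if d != p:
                out += block
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample data standing in for a financial record file.
    data = b"constructed ledger record " * 10
    drives = raid5_write(data, n_drives=4, block_size=16)

    # Single-drive failure: the array rebuilds the lost drive from parity.
    lost = 2
    rebuilt = raid5_rebuild(drives, lost)
    print("drive", lost, "rebuilt correctly:", rebuilt == drives[lost])
    repaired = drives[:lost] + [rebuilt] + drives[lost + 1:]
    print("data intact after rebuild:", raid5_read(repaired, len(data)) == data)

    # Double failure: single parity cannot recover either missing drive.
    remaining = [drives[2], drives[3]]
    guess = [xor_blocks(stripe) for stripe in zip(*remaining)]
    print("two drives lost, drive 1 recoverable:", guess == drives[1])

    # Capacity formulas from the slides (sizes in GB, constructed values).
    print("RAID-5 usable:", array_capacity([500, 400, 500]))
    print("RAID-6 usable:", array_capacity([500, 500, 500, 500], parity_drives=2))
```

The double-failure case is why a RAID-5 array in degraded mode still depends on the off-site backups described earlier in the deck.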
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High | Moderate | Very High | Low | Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
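Added example (not part of the original slides): a small planner that takes the allowable outage times from the Outage Impact table, orders recovery so prerequisites come first and the tightest allowable outage is served next, and flags any resource a single recovery team would bring back too late. The restore durations, the dependency map, the priority thresholds and all function names are constructed assumptions for illustration.

```python
# Allowable outage times in hours, taken from the slide's table.
ALLOWABLE_OUTAGE_H = {
    "Authentication Server": 8, "Database Server": 8, "E-mail Server": 48,
    "5 Desktop Computers": 8, "Hub": 8, "Network Cabling": 8,
    "Electric Power": 8, "Printer": 96,
}

# Constructed assumptions: hours of work to restore each resource.
RESTORE_H = {
    "Electric Power": 1, "Network Cabling": 1.5, "Hub": 0.5,
    "Authentication Server": 2, "Database Server": 3,
    "5 Desktop Computers": 1, "E-mail Server": 4, "Printer": 0.5,
}

# Constructed assumptions: what must be back before a resource can be restored.
DEPENDS_ON = {
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Electric Power", "Hub"],
    "Database Server": ["Electric Power", "Hub"],
    "E-mail Server": ["Electric Power", "Hub"],
    "Printer": ["Electric Power", "Hub"],
    "5 Desktop Computers": ["Hub", "Authentication Server", "Database Server"],
}


def priority(allowable_h):
    """Map an allowable outage to High/Medium/Low (thresholds are assumed,
    chosen so the result matches the slide's Recovery Priority table)."""
    if allowable_h <= 8:
        return "High"
    if allowable_h <= 96:
        return "Medium"
    return "Low"


def effective_deadlines(allowable, depends_on):
    """A prerequisite inherits the tightest deadline of anything that needs it."""
    eff = dict(allowable)
    changed = True
    while changed:
        changed = False
        for resource, prereqs in depends_on.items():
            for p in prereqs:
                if eff[resource] < eff[p]:
                    eff[p] = eff[resource]
                    changed = True
    return eff


def recovery_plan(allowable, restore_h, depends_on):
    """Sequential plan for one recovery team: among resources whose
    prerequisites are restored, take the tightest effective deadline next."""
    eff = effective_deadlines(allowable, depends_on)
    pending, done, clock, plan = set(allowable), set(), 0.0, []
    while pending:
        ready = [r for r in pending if set(depends_on.get(r, ())) <= done]
        if not ready:
            raise ValueError("circular dependency among %s" % sorted(pending))
        nxt = min(ready, key=lambda r: (eff[r], r))
        clock += restore_h[nxt]
        plan.append({
            "resource": nxt,
            "priority": priority(allowable[nxt]),
            "finish_h": clock,
            "allowable_h": allowable[nxt],
            "within_limit": clock <= allowable[nxt],
        })
        pending.remove(nxt)
        done.add(nxt)
    return plan


if __name__ == "__main__":
    for step in recovery_plan(ALLOWABLE_OUTAGE_H, RESTORE_H, DEPENDS_ON):
        flag = "ok" if step["within_limit"] else "EXCEEDS ALLOWABLE OUTAGE"
        print("%-22s %-6s done at %5.1f h (limit %3d h) %s" % (
            step["resource"], step["priority"], step["finish_h"],
            step["allowable_h"], flag))
```

With these constructed durations the desktops come back after 9 hours against an 8 hour limit, the kind of gap a plan test should surface before a real outage does.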
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
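The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): a small Python model of block-level striping with distributed XOR parity that rebuilds a failed drive, detects a parity mismatch and applies the slides' capacity formulas. The 16-byte block size, the parity rotation order and the sample records are assumptions made for the demonstration.

```python
from functools import reduce

BLOCK = 16  # bytes per block in this model (assumption; the slides' figures use a 16 kiB stripe)

# Constructed sample data standing in for business records.
SAMPLE = b"INV-0001;qty=12;loc=A1\n" * 7


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Drive that holds parity for a stripe; rotating it gives distributed parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block=BLOCK):
    """Stripe data over n_disks drives; returns one list of blocks per drive."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 drives")
    per_stripe = block * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_disks - 1)]
        # Parity is computed from the data blocks, then placed on this stripe's parity drive.
        chunks.insert(parity_disk(stripe, n_disks), xor_blocks(chunks))
        for disk, chunk in zip(disks, chunks):
            disk.append(chunk)
    return disks


def rebuild_drive(disks, failed):
    """Recompute every block of one lost drive from the surviving drives."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID-5 cannot survive more than one failed drive")
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether the missing block held data or parity.
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Return the first `length` bytes of user data; a failed drive is marked None."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 cannot survive more than one failed drive")
    if failed:
        disks = list(disks)
        disks[failed[0]] = rebuild_drive(disks, failed[0])
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for i in range(n):
            if i != p:  # skip the parity block, keep data blocks in order
                out += disks[i][stripe]
    return bytes(out[:length])


def scrub(disks):
    """Stripe numbers whose blocks no longer XOR to zero (all drives must be present)."""
    return [s for s, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


def usable_capacity(level, drive_sizes):
    """Array capacity from the slides: smallest drive * (drives - redundancy drives)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} does not support {n} drives")
    redundancy = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest * (n - redundancy)


if __name__ == "__main__":
    array = write_raid5(SAMPLE, 4)
    array[2] = None  # simulate a single drive failure
    print("data intact after one failure:", read_raid5(array, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

Note that `scrub` can tell that a stripe is inconsistent but not which drive holds the bad block, which is why parity protects availability and is not a substitute for backups or integrity checks.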
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
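The parity technique and RAID-5's block-level striping with distributed parity, as an added example that is not part of the original slides: a small Python model that stripes data over four drives and rebuilds a failed drive from the survivors. XOR as the parity function, the 4-byte stripe unit, the parity rotation order and the sample data are assumptions of the example.

```python
"""Illustrative model of RAID-5: block striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; tiny on purpose so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Drive holding the parity block of a stripe (rotation order is an assumption)."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives):
    """Stripe data over n_drives, moving the parity block from stripe to stripe.

    Returns a list of drives; each drive is a list of blocks, one per stripe.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs at least 3 drives")
    per_stripe = STRIPE_UNIT * (n_drives - 1)          # user data held by one stripe
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity = xor_blocks(blocks)                    # computed from the data blocks only
        blocks.insert(parity_drive_for(stripe, n_drives), parity)
        for drive, block in zip(drives, blocks):
            drive.append(block)
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    All blocks of a stripe XOR to zero, so the missing block (data or parity)
    equals the XOR of the others.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_raid5(drives, length, failed=None):
    """Read the data back; with one failed drive, reconstruct its blocks first."""
    n_drives = len(drives)
    if failed is not None:
        drives = list(drives)
        drives[failed] = rebuild_drive(drives, failed)
    out = bytearray()
    for stripe in range(len(drives[0])):
        skip = parity_drive_for(stripe, n_drives)
        for i in range(n_drives):
            if i != skip:
                out += drives[i][stripe]
    return bytes(out[:length])


def demo():
    """Return (data intact after one drive loss, data intact after two drive losses)."""
    data = b"ledger-2024: accounts receivable batch 0017"   # constructed sample data
    drives = write_raid5(data, n_drives=4)

    damaged = list(drives)
    damaged[2] = None                                   # drive 2 is gone
    one_failure_ok = read_raid5(damaged, len(data), failed=2) == data

    # A second loss (drive 0 now returns only zeros) exceeds what single parity covers.
    damaged[0] = [bytes(STRIPE_UNIT)] * len(drives[0])
    two_failures_ok = read_raid5(damaged, len(data), failed=2) == data
    return one_failure_ok, two_failures_ok


if __name__ == "__main__":
    print(demo())
```

In the model three of the four drives' worth of space holds user data, which matches the slide's Array Capacity formula, size of smallest drive*(no. of drives-1).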
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple server sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization's business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB in
size; the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
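The parity technique and the RAID-5 layout from the slides above, worked through as an added Python example (it is not part of the original presentation). It stripes data in blocks with rotating XOR parity, then reads and rebuilds the array after one drive is lost; the 4-byte block size, the parity rotation order, the sample data and all function names are assumptions chosen for illustration, and `usable_capacity` applies the slides' "size of smallest drive * (no. of drives - 1)" formula, generalized to the "- 2" dual-parity case.

```python
from functools import reduce

BLOCK = 4  # bytes per block (assumption: tiny so the layout is easy to inspect)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:  # 3 disks single parity, 4 dual
        raise ValueError("not enough drives for this parity level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive(stripe, n_drives):
    """Distributed parity: the parity block moves to a different drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives):
    """Stripe data across n_drives; returns one list of blocks per drive."""
    if n_drives < 3:
        raise ValueError("block striping with parity needs at least 3 drives")
    per_stripe = BLOCK * (n_drives - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        data_blocks = iter(blocks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return drives


def _single_failure(drives):
    """Index of the lost drive (marked None), or None if the array is healthy."""
    failed = [d for d, blocks in enumerate(drives) if blocks is None]
    if len(failed) > 1:
        raise RuntimeError("more than one drive lost: single parity cannot recover")
    return failed[0] if failed else None


def read_array(drives, length):
    """Read the data back; a missing block is the XOR of the stripe's survivors."""
    failed = _single_failure(drives)
    n = len(drives)
    stripes = len(next(b for b in drives if b is not None))
    out = bytearray()
    for s in range(stripes):
        for d in range(n):
            if d == parity_drive(s, n):
                continue  # parity blocks carry no user data
            if d == failed:
                out += xor_blocks([drives[o][s] for o in range(n) if o != d])
            else:
                out += drives[d][s]
    return bytes(out[:length])


def rebuild(drives):
    """Regenerate the lost drive (data and parity blocks) onto a replacement."""
    failed = _single_failure(drives)
    if failed is None:
        return drives
    n = len(drives)
    stripes = len(next(b for b in drives if b is not None))
    new = [xor_blocks([drives[o][s] for o in range(n) if o != failed])
           for s in range(stripes)]
    return [new if d == failed else blocks for d, blocks in enumerate(drives)]


if __name__ == "__main__":
    sample = b"constructed ledger record 0001; constructed ledger record 0002"
    array = write_array(sample, 4)
    degraded = list(array)
    degraded[2] = None  # simulate the loss of one drive
    print(read_array(degraded, len(sample)) == sample)  # degraded read still works
    print(rebuild(degraded) == array)                   # replacement drive matches
    print(usable_capacity([500, 500, 400]))             # limited by smallest drive
```

Losing a second drive before the rebuild completes raises an error here, which is the single-drive fault-tolerance limit the slides rate as "good" rather than "very good".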
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 94
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
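The recovery priorities above follow from the allowable outage times in the Outage Impact & Allowable Outage Times table. The Python below is an added example, not part of the original slides: it derives the priority list from the outage table and flags resources whose estimated restore time exceeds the allowable outage. The 8-hour cutoff for High, the rule that spare units rank Low, and the restore estimates are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BiaRow:
    resource: str
    outage_impact: str
    allowable_outage_hours: int
    installed: int = 1   # units in service
    needed: int = 1      # minimum units the critical function needs


INVENTORY = "User could not access Inventory System"

# Rows from the slides' outage table (2 days = 48 h, 4 days = 96 h).
# Unit counts follow the priorities table: 5 + 45 desktops, 1 + 5 hubs.
BIA = [
    BiaRow("Authentication Server", INVENTORY, 8),
    BiaRow("Database Server", INVENTORY, 8),
    BiaRow("E-mail Server", "User could not send e-mail", 48),
    BiaRow("Desktop Computers", INVENTORY, 8, installed=50, needed=5),
    BiaRow("Hub", INVENTORY, 8, installed=6, needed=1),
    BiaRow("Network Cabling", INVENTORY, 8),
    BiaRow("Electric Power", INVENTORY, 8),
    BiaRow("Printer", "User could not produce Inventory Reports", 96),
]

# Constructed sample: hours the chosen recovery strategy is expected to need.
SAMPLE_RESTORE_ESTIMATES = {
    "Authentication Server": 4, "Database Server": 12, "E-mail Server": 24,
    "Desktop Computers": 6, "Hub": 2, "Network Cabling": 8,
    "Electric Power": 1, "Printer": 72,
}

RANK = {"High": 0, "Medium": 1, "Low": 2}


def recovery_priorities(rows, high_max_hours=8):
    """Return [(resource, priority)] ordered High, Medium, Low.

    Assumed rule: outage tolerance <= high_max_hours is High, anything
    longer is Medium, and units beyond the minimum needed are Low.
    """
    plan = []
    for row in rows:
        if not 0 < row.needed <= row.installed:
            raise ValueError(f"{row.resource}: needed must be 1..installed")
        priority = "High" if row.allowable_outage_hours <= high_max_hours else "Medium"
        spare = row.installed - row.needed
        name = f"{row.needed} {row.resource}" if spare else row.resource
        plan.append((name, priority, row.allowable_outage_hours))
        if spare:
            plan.append((f"Remaining {row.resource} ({spare})", "Low", float("inf")))
    # Stable sort: within a priority, tighter outage tolerance comes first.
    plan.sort(key=lambda item: (RANK[item[1]], item[2]))
    return [(name, priority) for name, priority, _ in plan]


def outage_gaps(rows, restore_estimates):
    """Return [(resource, allowable_hours, estimate)] where the plan falls short.

    A resource with no estimate at all is reported with estimate None.
    """
    gaps = []
    for row in rows:
        estimate = restore_estimates.get(row.resource)
        if estimate is None or estimate > row.allowable_outage_hours:
            gaps.append((row.resource, row.allowable_outage_hours, estimate))
    return gaps


if __name__ == "__main__":
    for name, priority in recovery_priorities(BIA):
        print(f"{priority:<7}{name}")
    for resource, allowed, estimate in outage_gaps(BIA, SAMPLE_RESTORE_ESTIMATES):
        print(f"GAP: {resource} allows {allowed} h, estimate is {estimate} h")
```

Network Cabling and Electric Power come out High here because the outage table gives them 8 hours, although the slide's priority table does not list them.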
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
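The Backup Techniques slide lists full, incremental and differential backups, and the questions above ask which media must be retrieved and restored. The Python below is an added example, not part of the original slides: it works out which media a restore needs under each technique and how far the restore gets when one medium is unreadable. The catalogue, labels and dates are constructed; it assumes the usual definitions, where an incremental holds changes since the previous backup and a differential holds changes since the last full backup.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Backup:
    day: date
    kind: str    # "full", "incremental" or "differential"
    label: str   # media label (constructed labelling scheme)


def week(kind):
    """Constructed catalogue: Sunday full, then Monday-Friday backups of `kind`."""
    prefix = {"incremental": "INC", "differential": "DIFF"}[kind]
    names = ["MON", "TUE", "WED", "THU", "FRI"]
    catalogue = [Backup(date(2024, 1, 7), "full", "FULL-SUN")]
    catalogue += [
        Backup(date(2024, 1, 8 + i), kind, f"{prefix}-{name}")
        for i, name in enumerate(names)
    ]
    return catalogue


def plan_restore(catalogue, target, readable):
    """Return (media labels to retrieve, oldest first; date the restore reaches).

    readable: labels of media that were retrieved and verified as readable.
    """
    cycle = sorted((b for b in catalogue if b.day <= target), key=lambda b: b.day)
    fulls = [b for b in cycle if b.kind == "full"]
    if not fulls:
        raise LookupError("no full backup on or before the target date")
    base = fulls[-1]
    if base.label not in readable:
        raise LookupError(f"{base.label} is unreadable; later media cannot be applied")

    later = [b for b in cycle if b.day > base.day]
    kinds = {b.kind for b in later}
    if kinds == {"incremental", "differential"}:
        raise ValueError("mixed incremental/differential cycles are not modelled")

    media = [base]
    if kinds == {"differential"}:
        # Every differential holds all changes since the full backup,
        # so only the newest readable one has to be retrieved.
        good = [b for b in later if b.label in readable]
        if good:
            media.append(good[-1])
    else:
        # Every incremental depends on all earlier ones in the cycle,
        # so the chain stops at the first unreadable medium.
        for backup in later:
            if backup.label not in readable:
                break
            media.append(backup)
    return [b.label for b in media], media[-1].day


if __name__ == "__main__":
    friday = date(2024, 1, 12)
    for kind, bad in (("incremental", "INC-WED"), ("differential", "DIFF-FRI")):
        catalogue = week(kind)
        labels = {b.label for b in catalogue}
        print(kind, "all readable:", plan_restore(catalogue, friday, labels))
        print(kind, f"{bad} unreadable:", plan_restore(catalogue, friday, labels - {bad}))
```

With incrementals one bad mid-week tape loses every later day, while with differentials a bad tape costs only the difference to the previous night's copy, which is why media readability checks belong in the plan test.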
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
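Added example (not part of the original slides): a Python sketch of the parity technique behind RAID-5, block-level striping with distributed XOR parity, showing how the contents of one failed drive are rebuilt from the surviving drives and how the slides' array-capacity formula is computed. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Block-level striping with distributed XOR parity (RAID-5 style), in memory."""
from functools import reduce

# Constructed sample data, standing in for a file written to the array.
SAMPLE_DATA = b"constructed ledger records for the parity demo"


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 formula, parity_drives=2 the RAID-6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to another disk each stripe.

    The rotation order used here is an assumption; real controllers differ.
    """
    return (n_disks - 1 - stripe) % n_disks


def write_stripes(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n_disks-1 data blocks + parity.

    Returns a list of disks, each disk being a list of blocks (one per stripe).
    """
    if n_disks < 3:
        raise ValueError("distributed parity needs a minimum of 3 disks")
    per_stripe = block_size * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate every block of one failed disk from the surviving disks.

    Data blocks XOR parity is all zeros for a stripe, so XOR-ing the
    surviving blocks of a stripe yields the missing one, whether the lost
    block held data or parity.
    """
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_data(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    disks = write_stripes(SAMPLE_DATA, n_disks=4, block_size=4)
    lost = 2                                    # simulate failure of one drive
    replacement = rebuild_disk(disks, lost)
    print("rebuilt drive matches:", replacement == disks[lost])
    disks[lost] = replacement
    print("data intact:", read_data(disks, len(SAMPLE_DATA)) == SAMPLE_DATA)
    print("usable capacity, 4 x 500 GB, single parity:",
          array_capacity([500, 500, 500, 500]), "GB")
```

Single parity recovers exactly one missing block per stripe; if two drives fail before the rebuild finishes, the XOR no longer determines either block, which is the gap the dual parity of RAID-6 addresses.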
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low           None                None               Long        Fixed
Warm Site      Medium        Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High   Full                Full               Short       Fixed
Mobile Site    High          Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High          Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
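The parity technique and the RAID-5 capacity formula from the slides above, worked through as an added Python model (not part of the original deck). The function names, the 16-byte block size (scaled down from the 16 kiB stripes in the captions) and the sample payload are assumptions made for illustration.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes):
    """Usable capacity per the slide: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive_for(stripe, n_drives):
    """Parity rotates one drive to the left on every stripe (distributed parity)."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives, block_size):
    """Stripe data over n_drives; each stripe is n-1 data blocks plus 1 parity block.

    Returns drives[d][s]: the block stored on drive d in stripe s.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        data_blocks = [chunk[i * block_size:(i + 1) * block_size]
                       for i in range(n_drives - 1)]
        next_data = iter(data_blocks)
        p = parity_drive_for(s, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(data_blocks) if d == p else next(next_data))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    Works for data and parity blocks alike, because the XOR of all blocks in a
    stripe is zero. A failed drive is represented as None in the drives list.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed and d is not None]
    if len(survivors) != len(drives) - 1:
        raise RuntimeError("more than one drive lost: single parity cannot recover")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        p = parity_drive_for(s, n)
        for d in range(n):
            if d != p:
                out += drives[d][s]
    return bytes(out[:length])


def demo():
    """Lose one drive of a four-disk array, rebuild it, and verify the data."""
    payload = b"constructed sample: ledger batch 0001 " * 5  # constructed test data
    drives = write_array(payload, n_drives=4, block_size=16)
    lost = drives[2]
    drives[2] = None                       # simulate a single drive failure
    drives[2] = rebuild_drive(drives, failed=2)
    return drives[2] == lost and read_array(drives, len(payload)) == payload


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("usable capacity of 4 x 500 GB:", array_capacity([500, 500, 500, 500]), "GB")
```

Setting a second entry of `drives` to `None` before calling `rebuild_drive` raises an error, which is the single-failure limit that RAID-6's dual parity is meant to lift.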
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple server sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                  Allowable Outage Time
Authentication Server  User could not access Inventory System         8 hours
Database Server        User could not access Inventory System         8 hours
E-mail Server          User could not send e-mail                     2 days
5 Desktop Computers    User could not access Inventory System         8 hours
Hub                    User could not access Inventory System         8 hours
Network Cabling        User could not access Inventory System         8 hours
Electric Power         User could not access Inventory System         8 hours
Printer                User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
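The capacity formulas on the RAID-1 and RAID-3 to RAID-6 slides, and the distributed-parity idea behind RAID-5, worked through in code. This is an added example, not part of the original slides: the function names are hypothetical, the parity rotation order is one common layout chosen as an assumption, and the 100 kiB sample file is constructed.

```python
"""RAID capacity formulas and a RAID-5 single-disk rebuild (constructed illustration)."""
from functools import reduce

STRIPE = 16 * 1024  # 16 kiB stripe unit, as in the four-disk illustrations


def usable_capacity(level, drive_sizes):
    """Usable capacity per the slides' formulas; all sizes in the same unit."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 disks")
        return smallest                      # mirror: 50% if drives identical
    if level in (3, 4, 5):
        if n < 3:
            raise ValueError("RAID-3/4/5 need at least 3 disks")
        return smallest * (n - 1)            # one drive's worth of parity
    if level == 6:
        if n < 4:
            raise ValueError("RAID-6 needs at least 4 disks")
        return smallest * (n - 2)            # dual parity
    raise ValueError("level not covered by this example")


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks=4, unit=STRIPE):
    """Stripe data over n_disks with rotating parity; returns per-disk block lists."""
    per_stripe = (n_disks - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)   # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        units = [chunk[i * unit:(i + 1) * unit] for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        remaining = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n, out = len(disks), bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(s, n):
                out += disks[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed 100 kiB file (the size of the "green" file in the slides).
    data = bytes(i % 251 for i in range(100 * 1024))
    disks = raid5_write(data)
    print("stripes per disk:", len(disks[0]))
    print("RAID-5 usable GB on 4 x 500 GB:", usable_capacity(5, [500] * 4))
    print("RAID-6 usable GB on 4 x 500 GB:", usable_capacity(6, [500] * 4))

    lost = 2                                  # simulate failure of one drive
    rebuilt = raid5_rebuild(disks, lost)
    print("rebuilt disk matches original:", rebuilt == disks[lost])

    degraded = list(disks)
    degraded[lost] = rebuilt
    print("data intact after rebuild:", raid5_read(degraded, len(data)) == data)
```

With a second drive lost before the rebuild completes, the XOR of the survivors no longer yields either missing block, which is why the RAID-6 slide trades one more drive of capacity for dual parity.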
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 97
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
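The parity and RAID-5 slides above, as an added worked example (not part of the original deck): a Python sketch that stripes data in blocks with rotating XOR parity, rebuilds the contents after any single disk is lost, and computes usable capacity with the slides' formulas. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
from functools import reduce

# Minimum disk counts as listed on the RAID level slides (RAID-1: exactly 2).
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}

# Constructed sample data, not taken from the deck.
SAMPLE = b"inventory ledger row 0001;" * 5


def array_capacity(level, drive_sizes):
    """Usable capacity, using the formulas quoted on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS:
        raise ValueError(f"unsupported RAID level {level}")
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 0:
        return smallest * n        # striping only, no redundancy
    if level == 1:
        return smallest            # mirror pair: 50% storage efficiency
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID-3/4/5: one disk's worth of parity


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk that holds the parity block of a stripe. Rotating it per stripe is
    what makes the parity 'distributed' (this rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity
    block. Returns one list of blocks per disk."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk(stripe, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Read the data back. A failed disk is passed as None; its blocks are
    rebuilt by XOR-ing the surviving blocks of each stripe."""
    n_disks = len(disks)
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("two disks lost: single parity cannot rebuild the data")
    stripes = len(next(d for d in disks if d is not None))
    out = bytearray()
    for stripe in range(stripes):
        row = [None if d is None else d[stripe] for d in disks]
        if failed:
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        skip = parity_disk(stripe, n_disks)
        out += b"".join(row[d] for d in range(n_disks) if d != skip)
    return bytes(out[:length])


if __name__ == "__main__":
    disks = raid5_write(SAMPLE, n_disks=4, block=16)
    disks[1] = None  # simulate one failed drive
    print("recovered after one failure:", raid5_read(disks, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity:", array_capacity(5, [500, 500, 400, 500]))
```

A second simultaneous failure raises an error here, which is the case RAID-6's dual parity is meant to cover.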
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 98
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated
people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
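An added worked example, not part of the original slides: a Python sketch of RAID-5 block-level striping with distributed XOR parity, showing a single-disk rebuild, a parity scrub and the capacity formula given above. The parity rotation order, function names and sample data are assumptions made for the illustration; real controllers use their own layouts.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity.
Added illustration; layout, names and data are assumptions, not a real controller."""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 gives the RAID 3/4/5 figure, parity_drives=2 the RAID 6 one."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("need at least %d drives" % (parity_drives + 2))
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk holding the parity block of a stripe; it rotates so no single
    disk takes every parity write (assumed rotation order)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Return one list of blocks per disk. Each stripe carries n_disks-1
    data blocks plus one parity block; the last stripe is zero-padded."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        skip = parity_disk_for(stripe, len(disks))
        for disk, blocks in enumerate(disks):
            if disk != skip:
                out += blocks[stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recreate a failed disk: every block equals the XOR of the blocks in
    the same stripe on the surviving disks. Works for one failure only."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks([blocks[s] for blocks in survivors])
            for s in range(len(survivors[0]))]


def scrub(disks):
    """Stripe numbers whose blocks do not XOR to zero. Parity shows that a
    stripe is inconsistent, not which block in it is wrong."""
    return [s for s in range(len(disks[0]))
            if any(xor_blocks([blocks[s] for blocks in disks]))]


if __name__ == "__main__":
    # Constructed sample data standing in for a file on the array.
    payload = b"".join(b"txn-%05d;" % i for i in range(200))
    array = write_raid5(payload, n_disks=4, block_size=16)
    lost = 2
    array[lost] = rebuild_disk(array, lost)  # replace the failed drive
    print("data intact after rebuild:", read_raid5(array, len(payload)) == payload)
    print("inconsistent stripes:", scrub(array))
    print("usable GB, 4 x 500 GB RAID 5:", usable_capacity([500] * 4))
```

Because a rebuild reads every surviving disk in full, a second failure during that window loses the array, so RAID complements the backup techniques in this deck and does not replace them.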
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
[Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)]
[Scores as extracted, row and column positions lost: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1]
[Risk rankings shown: High, Moderate, Very High, Low, Very Low]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
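The PARITY and RAID-5 slides describe redundancy information calculated from the data and spread across the drives. The following added example (not part of the original slides) shows block-level striping with distributed XOR parity, a rebuild after one drive is lost, and the array-capacity rules quoted on the RAID level slides. The parity rotation order, function names and sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe.
    The rotation order used here is an assumption; controllers differ."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n_disks-1 data blocks + 1 parity block.
    Returns a list of disks, each a list with one block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no, off in enumerate(range(0, len(padded), stripe_bytes)):
        blocks = [padded[i:i + block_size]
                  for i in range(off, off + stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe_no, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recreate every block of one failed disk by XOR-ing the surviving disks.
    Works whether the lost block was data or parity; a second loss is fatal."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot recover")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk_for(stripe_no, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe_no]
    return bytes(out[:length])


# level: (minimum disks, drives' worth of capacity given up to redundancy),
# following the "Minimum ... hard disks" and "Array Capacity" lines on the slides.
CAPACITY_RULES = {
    "RAID-0": (2, 0),
    "RAID-1": (2, 1),   # exactly 2 disks, 50% storage efficiency
    "RAID-3": (3, 1),
    "RAID-4": (3, 1),
    "RAID-5": (3, 1),
    "RAID-6": (4, 2),
}


def usable_capacity(level, drive_sizes):
    """Size of smallest drive * (no. of drives - redundancy drives).
    For RAID-0 with unequal drives, smallest * n is an assumption (slides say
    100% only if the drives are identical)."""
    minimum, lost = CAPACITY_RULES[level]
    n = len(drive_sizes)
    if n < minimum or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return min(drive_sizes) * (n - lost)


# Constructed sample data: 20 fake ledger records, 360 bytes in total.
SAMPLE = b"".join(b"ledger-entry-%04d;" % i for i in range(20))

if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, block_size=16)
    array[2] = None                      # simulate a single drive failure
    array[2] = rebuild_disk(array, 2)    # rebuild from the three survivors
    print(read_raid5(array, len(SAMPLE)) == SAMPLE)
    print(usable_capacity("RAID-5", [500, 500, 400, 500]))
```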
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple server sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 100
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
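The parity and RAID-5 slides above, as an added example that is not part of the original deck: a small Python model of block-level striping with distributed XOR parity on four disks with the 16 KiB stripe size of the illustration, including a rebuild after one disk fails and the array-capacity formula. The parity rotation order, the function names and the test data are assumptions made for the illustration.

```python
"""RAID 5 model: block-level striping with distributed XOR parity (constructed data)."""
from functools import reduce

CHUNK = 16 * 1024  # 16 KiB stripe size, as in the slide's illustration


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID 3/4/5, parity_drives=2 covers RAID 6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def xor_chunks(chunks):
    """Byte-wise XOR of equal-length chunks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*chunks))


def parity_disk(stripe, n_disks):
    """Assumed rotation: parity moves one disk to the left on every stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, chunk=CHUNK):
    """Return n_disks lists of chunks; each stripe has n_disks-1 data chunks and one parity chunk."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * chunk
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        # Zero-pad the last stripe so every chunk has the same length.
        payload = data[offset:offset + per_stripe].ljust(per_stripe, b"\0")
        chunks = [payload[i:i + chunk] for i in range(0, per_stripe, chunk)]
        parity = xor_chunks(chunks)
        p = parity_disk(stripe, n_disks)
        data_iter = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_iter))
    return disks


def raid5_read(disks, length, failed=()):
    """Read the array back; chunks of a failed disk are rebuilt from the survivors."""
    failed = set(failed)
    if len(failed) > 1:
        raise ValueError("RAID 5 survives one failed disk, not %d" % len(failed))
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        # The failed disk's contents are never touched, only the survivors'.
        row = [None if d in failed else disks[d][stripe] for d in range(n_disks)]
        for lost in failed:
            # XOR of all surviving chunks (data and parity) equals the lost chunk.
            row[lost] = xor_chunks([c for c in row if c is not None])
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += row[d]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample: 4 + 20 + 100 + 500 KiB of patterned bytes, the file sizes
    # named in the illustration, written back to back.
    sample = bytes(i % 251 for i in range((4 + 20 + 100 + 500) * 1024))
    array = raid5_write(sample)
    print("stripes per disk:", len(array[0]))
    for lost_disk in range(4):
        ok = raid5_read(array, len(sample), failed=[lost_disk]) == sample
        print("disk", lost_disk, "failed, data recovered:", ok)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Passing two indices in `failed` raises `ValueError`, which is the limit that the dual parity of RAID-6 removes.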
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 101
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
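Added example (not part of the original slides): the PARITY slide and the "Array Capacity" lines for RAID-3/4/5/6, worked through in Python as RAID-5 style block striping with distributed XOR parity and the rebuild of one failed drive. The 16-byte block size, the parity rotation order and the sample data are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 16  # assumed block size in bytes; real arrays use KiB-sized blocks

# Minimum drive counts as given on the RAID LEVELS slides
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def xor_blocks(blocks):
    """Parity information: byte-wise XOR of equal-length data blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive holding parity for a stripe (assumed rotation, last drive first)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block=BLOCK):
    """Stripe data over n_drives; each stripe has n-1 data blocks + 1 parity."""
    if n_drives < MIN_DRIVES[5]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-pad last stripe
    drives = [bytearray() for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), stripe_bytes)):
        blocks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_drives - 1)]
        # Parity is computed from the data blocks, then slotted into place
        blocks.insert(parity_drive(stripe, n_drives), xor_blocks(blocks))
        for drive, blk in zip(drives, blocks):
            drive.extend(blk)
    return drives


def raid5_read(drives, length, block=BLOCK):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0]) // block):
        skip = parity_drive(stripe, n)
        for d in range(n):
            if d != skip:
                out.extend(drives[d][stripe * block:(stripe + 1) * block])
    return bytes(out[:length])


def rebuild(drives, failed):
    """Recompute one lost drive as the XOR of all surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover a second failed drive")
    return bytearray(xor_blocks(survivors))


def usable_capacity(level, sizes):
    """Array capacity per the slides, in the same unit as sizes."""
    n, smallest = len(sizes), min(sizes)
    if level not in MIN_DRIVES or n < MIN_DRIVES[level]:
        raise ValueError("unsupported level or too few drives")
    if level == 1 and n != 2:
        raise ValueError("RAID-1 uses exactly 2 hard disks")
    if level == 0:
        return smallest * n          # no redundancy (100% if drives identical)
    if level == 1:
        return smallest              # mirroring (50% if drives identical)
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    sample = b"constructed ledger rows 0001-0007 for the parity demo"
    array = raid5_write(sample, 4)
    array[2] = None                          # simulate a failed disk
    array[2] = rebuild(array, 2)             # rebuild it from parity
    print(raid5_read(array, len(sample)) == sample)
    print(usable_capacity(5, [500] * 4), usable_capacity(6, [500] * 4))
```

Losing a second drive before the rebuild completes makes rebuild() raise, which is the single-parity limit that RAID-6's dual parity is meant to cover.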
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 102
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Columns: Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
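The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks across the drives, one XOR parity block per stripe rotates between drives, and a single failed drive is rebuilt from the survivors. The 4-byte stripe unit, the parity rotation order, the function names and the sample record are assumptions chosen for illustration.

```python
"""RAID-5 in miniature: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block (assumption; tiny so the layout is easy to inspect)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, n_drives):
    """Stripe data over n_drives, rotating the parity block across the drives."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    per_stripe = STRIPE_UNIT * (n_drives - 1)            # data bytes per stripe
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT]
                  for i in range(0, per_stripe, STRIPE_UNIT)]
        parity_drive = (n_drives - 1 - s) % n_drives     # moves one drive per stripe
        blocks.insert(parity_drive, xor_blocks(blocks))
        for drive, block in zip(drives, blocks):
            drive.append(block)
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID-5 cannot recover from two failed drives")
    # XOR of all blocks in a stripe is zero, so the missing block (data or
    # parity) equals the XOR of the blocks that are still readable.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        parity_drive = (n - 1 - s) % n
        for i in range(n):
            if i != parity_drive:
                out += drives[i][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 the RAID-6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write a record, lose one disk, rebuild it, and read the record back."""
    record = b"LEDGER 2024-03-31 balance=10450.75"  # constructed sample data
    drives = write_raid5(record, n_drives=4)
    lost = drives[2]
    drives[2] = None                                # simulate one failed disk
    drives[2] = rebuild_drive(drives, failed=2)
    return drives[2] == lost and read_raid5(drives, len(record)) == record


if __name__ == "__main__":
    print("rebuilt and read back intact:", demo())
    print("4 x 500 GB, RAID-5 capacity:", usable_capacity([500] * 4), "GB")
    print("4 x 500 GB, RAID-6 capacity:", usable_capacity([500] * 4, 2), "GB")
```

A second failure before the rebuild completes leaves two unknowns per stripe and only one parity equation, which is why `rebuild_drive` refuses it and why RAID is not a substitute for the off-site backups covered earlier in the deck.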
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple server sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource: Outage Impact; Allowable Outage Time
Authentication Server: User could not access Inventory System; 8 hours
Database Server: User could not access Inventory System; 8 hours
E-mail Server: User could not send e-mail; 2 days
5 Desktop Computers: User could not access Inventory System; 8 hours
Hub: User could not access Inventory System; 8 hours
Network Cabling: User could not access Inventory System; 8 hours
Electric Power: User could not access Inventory System; 8 hours
Printer: User could not produce Inventory Reports; 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
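The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: block-level striping with distributed XOR parity, a rebuild after one drive failure, and the array-capacity formula. The function names, the parity rotation order and the random 100 KiB "file" are assumptions made for illustration.

```python
import random

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length byte blocks; this is the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks and return one list of blocks per disk.

    Every stripe row holds n_disks-1 data blocks plus one parity block, and
    the parity position moves one disk per row (distributed parity).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * unit
    data = data + bytes(-len(data) % per_row)  # zero-pad the last stripe row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), per_row)):
        chunks = [data[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks
        remaining = iter(chunks)
        for d in range(n_disks):
            block = xor_blocks(chunks) if d == parity_disk else next(remaining)
            disks[d].append(block)
    return disks


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n - 1 - row) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    The XOR of all blocks in a row is zero, so the missing block (data or
    parity) equals the XOR of the blocks that are still readable.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def demo():
    rng = random.Random(2001)  # constructed sample data, not a real file
    data = bytes(rng.getrandbits(8) for _ in range(100 * 1024))
    disks = write_raid5(data, 4)

    # One drive lost: the rebuilt drive matches and the file reads back intact.
    rebuilt = rebuild_disk(disks, failed=2)
    repaired = disks[:2] + [rebuilt] + disks[3:]
    single_ok = rebuilt == disks[2] and read_raid5(repaired, len(data)) == data

    # Two drives lost (0 and 2): XOR of the two survivors gives disk0 XOR disk2,
    # not either lost block, so single parity cannot recover the data.
    attempt = [xor_blocks(row) for row in zip(disks[1], disks[3])]
    double_ok = attempt == disks[2]

    return {"rows": len(disks[0]),
            "single_failure_recovered": single_ok,
            "double_failure_recovered": double_ok}


if __name__ == "__main__":
    print(demo())
    print(array_capacity([500, 500, 500, 500]))  # four 500 GB drives, RAID-5
```

The failed second recovery is the reason RAID-5 fault tolerance covers a single drive only; offsite backups are still required for anything worse.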
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be based on their criticality
How long can I continue without my asset?
What is the loss to the business if the asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats, which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about
how your business has concentrated people or operational centers in certain
places. You've got to consider if it's the wisest distribution. We feel we
were lucky having some folks in Connecticut and some in Maryland. Even if we
had lost some of our senior management at 1 Liberty Plaza, we would have
still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies
and see whether they can communicate with everybody easily, whether the phone
numbers are not stored in that same building that could experience the
Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit
the consequences of a malicious cyber incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization’s employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for the health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
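The block striping with distributed parity and the array capacity formula from the RAID-5 slides, worked through as an added Python example (not part of the original deck). The `Raid5` class, the parity rotation order and the sample data are assumptions made for illustration; parity is computed with XOR, the usual RAID-5 calculation.

```python
"""RAID-5 sketch: block striping with distributed XOR parity (illustrative, in memory)."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    """Hypothetical in-memory array; each disk is a list of blocks, one per stripe row."""

    def __init__(self, n_disks=4, stripe_size=16 * 1024):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 disks")
        self.n, self.stripe_size = n_disks, stripe_size
        self.disks = [[] for _ in range(n_disks)]
        self.rows = self.length = 0

    def parity_disk(self, row):
        # Assumed rotation: parity starts on the last disk and moves left each row.
        return (self.n - 1 - row) % self.n

    def write(self, data):
        """Replace the array contents with `data`, striped across all disks."""
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_row = self.stripe_size * (self.n - 1)
        self.rows = -(-len(data) // per_row)  # ceiling division
        for row in range(self.rows):
            chunk = data[row * per_row:(row + 1) * per_row].ljust(per_row, b"\0")
            blocks = [chunk[i:i + self.stripe_size]
                      for i in range(0, per_row, self.stripe_size)]
            # The parity block takes this row's parity slot; data blocks keep their order.
            blocks.insert(self.parity_disk(row), xor_blocks(blocks))
            for disk, block in zip(self.disks, blocks):
                disk.append(block)

    def fail(self, disk):
        """Simulate the loss of one drive."""
        self.disks[disk] = None

    def _reconstruct(self, disk, row):
        # XOR of every surviving block in the row yields the missing block,
        # whether that block held data or parity.
        survivors = [d for i, d in enumerate(self.disks) if i != disk]
        if any(d is None for d in survivors):
            raise IOError("RAID-5 tolerates only one failed disk")
        return xor_blocks([d[row] for d in survivors])

    def _block(self, disk, row):
        if self.disks[disk] is None:
            return self._reconstruct(disk, row)  # degraded read
        return self.disks[disk][row]

    def read(self):
        """Return the stored data, reconstructing blocks of a failed disk on the fly."""
        out = bytearray()
        for row in range(self.rows):
            for disk in range(self.n):
                if disk != self.parity_disk(row):
                    out += self._block(disk, row)
        return bytes(out[:self.length])

    def rebuild(self, disk):
        """Refill a replaced drive from the surviving drives."""
        self.disks[disk] = [self._reconstruct(disk, row) for row in range(self.rows)]


if __name__ == "__main__":
    sample = bytes(range(256)) * 300          # constructed sample data, 75 kiB
    array = Raid5(n_disks=4, stripe_size=16 * 1024)
    array.write(sample)
    array.fail(2)
    print("degraded read intact:", array.read() == sample)
    array.rebuild(2)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `array_capacity` gives the RAID-6 figure from the following slide.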
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple servers/sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 105
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                  Allowable Outage Time
Authentication Server   User could not access Inventory System         8 hours
Database Server         User could not access Inventory System         8 hours
E-mail Server           User could not send e-mail                     2 days
5 Desktop Computers     User could not access Inventory System         8 hours
Hub                     User could not access Inventory System         8 hours
Network Cabling         User could not access Inventory System         8 hours
Electric Power          User could not access Inventory System         8 hours
Printer                 User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
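Table columns:
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
Risk Ranking (E)
Cell values as extracted (row and column alignment lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking values: High, Moderate, Very High, Low, Very Low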
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
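Added example (not part of the original slides): a small in-memory Python model of block-level striping with distributed parity, as the RAID-5 slide describes, showing how parity rebuilds a failed disk and how a parity scrub flags a corrupted stripe. XOR as the parity calculation, the parity rotation order, the function names and the sample data are assumptions made for illustration; the capacity function follows the slides' formula.

```python
"""Teaching model of RAID-5 style striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches the RAID-3/4/5 slides, parity_drives=2 the RAID-6 slide.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across the disks (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n_disks-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all surviving blocks in a stripe equals the missing block,
    whether the missing block held data or parity.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def scrub(disks):
    """Return the stripe numbers whose blocks no longer XOR to zero."""
    zero = bytes(len(disks[0][0]))
    return [s for s, blocks in enumerate(zip(*disks))
            if xor_blocks(blocks) != zero]


# Constructed sample data, not taken from the slides.
SAMPLE = b"Inventory ledger: 45 desktops, 6 hubs, 1 printer"

if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, block_size=4)
    lost = array[2]
    array[2] = rebuild_disk(array, failed=2)   # single-disk failure is recoverable
    print("rebuilt disk matches:", array[2] == lost)
    print("data intact:", read_raid5(array, len(SAMPLE)) == SAMPLE)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    print("stripes failing scrub:", scrub(array))
```

A single parity block per stripe covers only one missing disk; a second simultaneous failure leaves two unknown blocks per stripe and the data must come from backup.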
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk requirements: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 106
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
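The three backup techniques listed above differ in how many media sets a restore needs and in how much one unreadable medium costs. The following is an added example, not part of the original slides; the function names and the one-week schedules are constructed for illustration, and it assumes the usual definitions (an incremental holds changes since the previous backup, a differential holds changes since the last full backup).

```python
# Added illustration: which media must be retrieved to restore to a given day,
# and how far back one unreadable medium pushes the recovery point.

# Constructed one-week schedules: day 0 is a full backup, days 1-5 follow one scheme.
WEEK_INCREMENTAL = [(0, "full")] + [(d, "incremental") for d in range(1, 6)]
WEEK_DIFFERENTIAL = [(0, "full")] + [(d, "differential") for d in range(1, 6)]


def restore_chain(backups, target_day):
    """Return the backups, in restore order, needed to recover the state as of
    target_day. backups is a list of (day, kind) tuples."""
    history = sorted(b for b in backups if b[0] <= target_day)
    full_positions = [i for i, (_, kind) in enumerate(history) if kind == "full"]
    if not full_positions:
        raise LookupError("no full backup on or before the target day")
    base = full_positions[-1]
    later = history[base + 1:]
    kinds = {kind for _, kind in later}
    if kinds == {"incremental", "differential"}:
        # Behaviour of mixed cycles depends on the backup product; not modelled.
        raise ValueError("mixed incremental/differential cycles are not modelled")
    if kinds == {"differential"}:
        # Only the most recent differential is needed on top of the full backup.
        later = later[-1:]
    # For incrementals every set since the full backup is needed, in order.
    return [history[base]] + later


def latest_restorable_day(backups, unreadable_days):
    """Return the most recent day that can still be restored when the media
    written on unreadable_days cannot be read, or None if nothing can."""
    bad = set(unreadable_days)
    for day, _ in sorted(backups, reverse=True):
        try:
            chain = restore_chain(backups, day)
        except LookupError:
            continue
        if not any(d in bad for d, _ in chain):
            return day
    return None


if __name__ == "__main__":
    for name, schedule in (("incremental", WEEK_INCREMENTAL),
                           ("differential", WEEK_DIFFERENTIAL)):
        chain = restore_chain(schedule, 4)
        print(name, "restore to day 4 needs", len(chain), "media sets:", chain)
        print(name, "with day-2 medium unreadable, latest restorable day:",
              latest_restorable_day(schedule, [2]))
```

The length of the chain feeds directly into the retrieval questions on the following slides: every set in it has to be fetched from off-site storage and read successfully.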
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
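The parity and RAID-level slides above state that parity is redundancy information calculated from the data and give array capacity as smallest drive times (drives - 1) or (drives - 2). The following is an added example, not part of the original slides: a small in-memory model of RAID-5 striping with distributed XOR parity, a single-drive rebuild, and the capacity rules from the slides. All function names, the 4-byte block size, the parity rotation order and the sample record are assumptions made for illustration; real controllers use their own layouts.

```python
# Added illustration: RAID-5 block striping with distributed XOR parity.
from functools import reduce

# Constructed sample record; any bytes work.
SAMPLE = b"Ledger 2024-03: opening 10,000.00; closing 12,500.00\n"


def xor_blocks(blocks):
    """Parity operation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Distributed parity: the parity block sits on a different drive each stripe
    (rotation order chosen for this example)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives=4, block_size=4):
    """Split data into stripes of (n_drives - 1) data blocks plus one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), stripe_bytes)):
        chunk = padded[offset:offset + stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def raid5_read(drives, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    n = len(drives)
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(drives, failed):
    """Recompute every block of one failed drive by XOR-ing the surviving drives."""
    survivors = [blocks for d, blocks in enumerate(drives) if d != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive times the number of data drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    # level: (minimum disks, data drives). RAID-0 with unequal drives is treated
    # as smallest * n here, which is an assumption of this example.
    rules = {"RAID-0": (2, n), "RAID-1": (2, 1), "RAID-3": (3, n - 1),
             "RAID-4": (3, n - 1), "RAID-5": (3, n - 1), "RAID-6": (4, n - 2)}
    minimum, data_drives = rules[level]
    if n < minimum or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return smallest * data_drives


if __name__ == "__main__":
    drives = raid5_write(SAMPLE)
    rebuilt = raid5_rebuild(drives, failed=2)
    print("drive 2 rebuilt correctly:", rebuilt == drives[2])
    print("data intact:", raid5_read(drives, len(SAMPLE)) == SAMPLE)
    print("RAID-5, 4 x 500 GB:", usable_capacity("RAID-5", [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB:", usable_capacity("RAID-6", [500] * 4), "GB")
```

A second drive lost before the rebuild finishes cannot be recovered from single parity, which is why the array still needs the off-site backups covered earlier.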
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 107
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Column values, in extraction order: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
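The striping, parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: a toy Python model of block striping with distributed XOR parity, showing a failed disk being rebuilt from the survivors and the deck's array-capacity formula. The 4-byte stripe unit, the function names and the sample data are assumptions made for illustration.

```python
"""Toy model of RAID-5: block striping with rotating XOR parity.
All names, sizes and sample data are constructed for illustration."""
from functools import reduce

STRIPE = 4  # bytes per stripe unit; tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity unit moves one disk to the left per row."""
    return (n_disks - 1 - row) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks; each row holds n_disks-1 data units + 1 parity."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    per_row = STRIPE * (n_disks - 1)
    data = data + bytes(-len(data) % per_row)  # zero-pad the final row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), per_row)):
        units = [data[off + i * STRIPE: off + (i + 1) * STRIPE]
                 for i in range(n_disks - 1)]
        next_unit = iter(units)
        for d in range(n_disks):
            if d == parity_disk_for(row, n_disks):
                disks[d].append(xor_blocks(units))
            else:
                disks[d].append(next(next_unit))
    return disks


def rebuild_disk(disks, failed):
    """Recompute the failed disk: each unit is the XOR of the surviving units
    in its row, whether the lost unit held data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity tolerates only one failed disk")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the data units in order, skipping each row's parity unit."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Lose each disk of a four-disk array in turn and rebuild it."""
    data = b"ledger 2024-03: opening 1200.00, closing 1350.75"  # constructed
    results = []
    for failed in range(4):
        disks = write_array(data, 4)
        disks[failed] = None                      # simulate the drive failure
        disks[failed] = rebuild_disk(disks, failed)
        results.append(read_array(disks, len(data)) == data)
    return all(results)


if __name__ == "__main__":
    print("rebuild after any single-disk failure:", demo())
    print("4 x 500 GB, one parity drive  :", usable_capacity([500] * 4), "GB")
    print("4 x 500 GB, two parity drives :", usable_capacity([500] * 4, 2), "GB")
```

A second failure before the rebuild completes raises `ValueError`, which is the exposure window that dual parity (RAID-6) is meant to close.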
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk requirement: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats,
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
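An added example (not part of the original slides): the parity technique and the RAID-5 block-level striping with distributed parity described above, worked in Python on the illustration's four-disk array with a 16 KiB stripe size. The parity rotation order, the function names and the random sample data are assumptions made for this example; real controllers use their own layouts.

```python
import random

STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size, as in the slide's illustration
N_DRIVES = 4              # four-disk array, as in the slide's illustration


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the RAID parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_drive(stripe, n_drives=N_DRIVES):
    """Drive holding the parity block of a stripe (assumed rotation order).

    Moving parity to a different drive on each stripe is what makes it
    'distributed' (RAID-5) rather than 'dedicated' (RAID-3/RAID-4).
    """
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives=N_DRIVES, unit=STRIPE_UNIT):
    """Stripe data in blocks across the drives, one parity block per stripe.

    Returns a list of drives; each drive is a list of blocks indexed by stripe.
    """
    per_stripe = (n_drives - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)   # zero-fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_drives - 1)]
        data_blocks = iter(chunks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    Parity is the XOR of the data blocks, so the XOR of all surviving blocks
    in a stripe equals the missing block, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks([d[s] for d in survivors])
            for s in range(len(survivors[0]))]


def read_raid5(drives, length, n_drives=N_DRIVES):
    """Reassemble the original byte stream, skipping the parity blocks."""
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def sample_data():
    """Constructed sample: four 'files' of 4, 20, 100 and 500 KiB of random bytes."""
    rng = random.Random(7)
    sizes = [kib * 1024 for kib in (4, 20, 100, 500)]
    return b"".join(rng.getrandbits(8 * n).to_bytes(n, "big") for n in sizes)


def fail_and_rebuild(data, failed):
    """Write the array, lose one drive, rebuild it, and read the data back."""
    drives = write_raid5(data)
    drives[failed] = None                          # the drive is gone
    drives[failed] = rebuild_drive(drives, failed)
    return read_raid5(drives, len(data)) == data


if __name__ == "__main__":
    data = sample_data()
    array = write_raid5(data)
    print("stripes per drive:", len(array[0]))
    for failed in range(N_DRIVES):
        print("drive", failed, "lost, data recovered:", fail_and_rebuild(data, failed))
    # Four 500 GB drives: single parity (RAID-5) versus dual parity (RAID-6).
    print("RAID-5 capacity:", usable_capacity([500] * 4), "GB")
    print("RAID-6 capacity:", usable_capacity([500] * 4, parity_drives=2), "GB")
```

Single parity recovers exactly one missing block per stripe, which is why the rebuild works for any one lost drive but a second failure during the rebuild loses data.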
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 109
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Cell values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at the byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks and 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
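The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): block-level striping with distributed parity, rebuild of one failed disk, and the slides' capacity formula. It assumes byte-wise XOR as the parity function, which the slides do not name; the 4-byte stripe size, the sample payload and all function names are constructed for illustration.

```python
from functools import reduce

STRIPE = 4  # bytes per block; constructed, kept tiny so the layout is easy to read


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block moves to a different disk each row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks):
    """Stripe data in blocks over n_disks, adding one parity block per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * STRIPE
    data = data + bytes(-len(data) % per_row)  # zero-pad the final row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(data), per_row)):
        chunk = data[offset:offset + per_row]
        blocks = [chunk[i:i + STRIPE] for i in range(0, per_row, STRIPE)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild(disks, failed):
    """Recompute every block of one failed disk (marked None) from the survivors."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if missing != [failed]:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    # In each row, data blocks XOR parity block == 0, so the missing block
    # is the XOR of everything that survived in that row.
    return [xor_blocks([d[row] for d in survivors])
            for row in range(len(survivors[0]))]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Lose disk 2 of a four-disk array, rebuild it, and compare with the original."""
    payload = b"ledger: invoice 1042 paid; invoice 1043 open"  # constructed sample data
    disks = write_raid5(payload, 4)
    degraded = list(disks)
    degraded[2] = None                       # simulate the failed disk
    degraded[2] = rebuild(degraded, 2)
    return degraded == disks and read_raid5(degraded, len(payload)) == payload


if __name__ == "__main__":
    print("rebuilt array matches original:", demo())
    print("4 x 500 GB, one parity drive:", usable_capacity([500] * 4), "GB usable")
```

A second simultaneous disk failure makes `rebuild` raise, which is the limit of single-parity fault tolerance and the reason a DRP still needs off-site backups alongside RAID.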
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele. Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 110
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
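The parity and array-capacity rules from the RAID slides above, worked through as an added example that is not part of the original deck. It assumes XOR as the parity function and a parity drive that rotates per stripe (the slides name neither), treats RAID-0 capacity with unequal drives as smallest drive times drive count, and uses constructed sample data and hypothetical function names.

```python
"""RAID parity and capacity, following the slide deck's RAID rules.

Assumptions (not from the deck): XOR as the parity function, a rotating
parity drive per stripe (RAID-5 style), constructed sample data.
"""
from functools import reduce

# level -> (minimum drives, drives' worth of usable space for n drives)
CAPACITY_RULES = {
    "RAID-0": (2, lambda n: n),      # striping, no redundancy
    "RAID-1": (2, lambda n: 1),      # mirroring, exactly two drives
    "RAID-3": (3, lambda n: n - 1),  # byte striping, dedicated parity
    "RAID-4": (3, lambda n: n - 1),  # block striping, dedicated parity
    "RAID-5": (3, lambda n: n - 1),  # block striping, distributed parity
    "RAID-6": (4, lambda n: n - 2),  # dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * usable drive count."""
    minimum, usable = CAPACITY_RULES[level]
    n = len(drive_sizes)
    if n < minimum or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} drives")
    return min(drive_sizes) * usable(n)


def xor_blocks(blocks):
    """XOR equal-length blocks together, byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Index of the drive that holds parity for a given stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives, block_size):
    """Lay data out as stripes of n_drives-1 data blocks plus one parity block."""
    per_stripe = (n_drives - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive(s, n_drives):
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def rebuild(drives):
    """Rebuild one lost drive (marked None) from the surviving drives.

    XOR of all blocks in a stripe is zero, so the missing block, data or
    parity, equals the XOR of the others. Two lost drives are unrecoverable.
    """
    lost = [i for i, d in enumerate(drives) if d is None]
    if len(lost) > 1:
        raise ValueError("single parity cannot recover two lost drives")
    if not lost:
        return drives
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def read_array(drives, length):
    """Concatenate the data blocks of every stripe, skipping parity blocks."""
    out = bytearray()
    n = len(drives)
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive(s, n):
                out += drives[d][s]
    return bytes(out[:length])


# Constructed sample data, not taken from the deck.
SAMPLE = b"constructed ledger records: INV-001 120.50; INV-002 75.00; INV-003 9.99"

if __name__ == "__main__":
    array = write_array(SAMPLE, n_drives=4, block_size=8)
    for failed in range(4):
        damaged = [None if i == failed else d for i, d in enumerate(array)]
        assert read_array(rebuild(damaged), len(SAMPLE)) == SAMPLE
    print("any single drive can be rebuilt from the other three")
    print("RAID-5, 4 x 500 GB:", usable_capacity("RAID-5", [500] * 4), "GB")
```

Losing a second drive before the rebuild finishes is the case single parity cannot handle, which is what the dual parity of RAID-6 addresses at the cost of one more drive of capacity.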
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 111
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, Headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
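An audit for single points of failure, following the rule quoted earlier in the deck that every server connects to two connection centers through two different paths and often two different vendors. This is an added example, not part of the original slides; the inventory, the names in it and the pass/warn/fail grading are constructed assumptions.

```python
from collections import defaultdict
from typing import NamedTuple


class Uplink(NamedTuple):
    server: str
    center: str  # connection center the link terminates at
    path: str    # physical route (conduit, cable run)
    vendor: str  # carrier providing the circuit


# Constructed inventory; every name below is hypothetical.
INVENTORY = [
    Uplink("trade-01", "cc-downtown-a", "conduit-north", "carrier-x"),
    Uplink("trade-01", "cc-downtown-b", "conduit-south", "carrier-y"),
    Uplink("trade-02", "cc-downtown-a", "conduit-north", "carrier-x"),
    Uplink("trade-02", "cc-midtown", "conduit-north", "carrier-y"),
    Uplink("trade-03", "cc-downtown-a", "conduit-east", "carrier-x"),
    Uplink("trade-03", "cc-midtown", "conduit-west", "carrier-x"),
    Uplink("report-01", "cc-midtown", "conduit-north", "carrier-y"),
]

# Assumed grading: a shared center or path is a failure of the rule,
# a shared vendor is only a warning ("often through two different vendors").
HARD = ("center", "path")


def shared_components(links):
    """Components present on every link of one server; losing any one cuts it off."""
    shared = []
    for kind in ("center", "path", "vendor"):
        values = {getattr(link, kind) for link in links}
        if len(values) == 1:
            shared.append((kind, values.pop()))
    return shared


def audit(uplinks):
    """Grade each server's uplinks against the two-centers, two-paths rule."""
    by_server = defaultdict(list)
    for link in uplinks:
        by_server[link.server].append(link)
    report = {}
    for server, links in by_server.items():
        shared = shared_components(links)
        if any(kind in HARD for kind, _ in shared):
            status = "fail"
        elif shared:
            status = "warn"
        else:
            status = "pass"
        report[server] = {"status": status, "links": len(links), "shared": shared}
    return report


def blast_radius(uplinks):
    """Map each component to the servers isolated if that component alone fails."""
    radius = defaultdict(list)
    for server, result in audit(uplinks).items():
        for component in result["shared"]:
            radius[component].append(server)
    ordered = sorted(radius.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return {component: sorted(servers) for component, servers in ordered}


if __name__ == "__main__":
    for server, result in sorted(audit(INVENTORY).items()):
        print(server, result["status"], result["shared"])
    for component, servers in blast_radius(INVENTORY).items():
        print(component, "->", servers)
```

A server with a single uplink fails on all three dimensions at once, which is why report-01 appears under several components in the blast-radius output.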
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
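The parity and RAID-5 slides above, worked through in code: striping with one rotating XOR parity block per stripe, rebuilding a single failed drive, a scrub that flags inconsistent stripes, and the slides' capacity formula. This is an added example, not part of the original slides; the 4-byte block size, the parity rotation order and the sample record are constructed assumptions.

```python
from functools import reduce

BLOCK = 4  # bytes per block; kept tiny so the constructed sample is easy to inspect
SAMPLE = b"ledger entry 0001: credit 2500.00 to account 42"  # constructed data


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda x, y: x ^ y, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive holding the parity block of a stripe (assumed rotation order)."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives, block=BLOCK):
    """Stripe data over n_drives, adding one distributed parity block per stripe."""
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    per_stripe = (n_drives - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for drive in range(n_drives):
            is_parity = drive == parity_drive(stripe, n_drives)
            drives[drive].append(parity if is_parity else next(remaining))
    return drives


def read_array(drives, length):
    """Reassemble the original bytes from a complete array, skipping parity blocks."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for drive in range(n_drives):
            if drive != parity_drive(stripe, n_drives):
                out += drives[drive][stripe]
    return bytes(out[:length])


def rebuild(drives):
    """Recompute a failed drive (marked None) by XOR-ing the survivors, stripe by stripe."""
    failed = [i for i, drive in enumerate(drives) if drive is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover %d failed drives" % len(failed))
    if not failed:
        return drives
    survivors = [drive for drive in drives if drive is not None]
    restored = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [restored if drive is None else drive for drive in drives]


def scrub(drives):
    """Stripe numbers whose blocks no longer XOR to zero, i.e. data and parity disagree."""
    return [n for n, stripe in enumerate(zip(*drives)) if any(xor_blocks(stripe))]


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives), as on the slides."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = write_array(SAMPLE, 4)
    array[2] = None  # simulate the loss of one drive
    print(read_array(rebuild(array), len(SAMPLE)))
    print(usable_capacity([500, 500, 500, 500]))
```

The scrub only reports that a stripe is inconsistent; single parity cannot tell which block in it is the damaged one.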
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
the cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 112
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
[Table: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D = A+B+C | Risk Ranking (E); rankings shown: High, Moderate, Very High, Low, Very Low]
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify in advance critical functions
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
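The striping, parity and RAID-5 slides above, as an added worked example (not part of the original deck): a toy RAID 5 in Python that stripes data with rotating parity, rebuilds a lost disk from the survivors, and applies the deck's array-capacity formula. It goes one step beyond the slides by adding a parity scrub; the parity rotation order, function names and sample data are assumptions made for the illustration.

```python
"""Toy RAID 5: block-level striping with distributed parity (illustration only)."""
from functools import reduce
from operator import xor

# Disks' worth of space spent on parity, and minimum disk counts,
# as listed on the RAID level slides.
PARITY_DISKS = {"RAID-3": 1, "RAID-4": 1, "RAID-5": 1, "RAID-6": 2}
MIN_DISKS = {"RAID-3": 3, "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}


def usable_capacity(level, sizes):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    if len(sizes) < MIN_DISKS[level]:
        raise ValueError(f"{level} needs at least {MIN_DISKS[level]} disks")
    return min(sizes) * (len(sizes) - PARITY_DISKS[level])


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe. Rotation order is an assumed layout."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block.

    Returns a list of disks; each disk is a list of blocks, one per stripe.
    """
    if n_disks < MIN_DISKS["RAID-5"]:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block
    stripes = -(-len(data) // per_stripe)           # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i * block:(i + 1) * block] for i in range(n_disks - 1)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk(s, n_disks) else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(s, n_disks):
                out += disks[d][s]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all surviving blocks in a stripe yields the missing block, whether
    that block held data or parity. A second failure is not recoverable.
    """
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    if any(disk is None for disk in survivors):
        raise RuntimeError("more than one disk lost: RAID 5 cannot recover")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def scrub(disks):
    """Return indexes of stripes whose blocks no longer XOR to zero.

    Parity reveals that a stripe is inconsistent but not which block is wrong,
    so a scrub finding still needs a known-good backup to resolve.
    """
    return [s for s, stripe in enumerate(zip(*disks)) if any(xor_blocks(stripe))]


if __name__ == "__main__":
    sample = bytes(range(256)) * 3                  # constructed sample data
    array = raid5_write(sample, n_disks=4, block=16)
    degraded = array[:2] + [None] + array[3:]       # disk 2 has failed
    degraded[2] = rebuild_disk(degraded, failed=2)
    print("data intact after rebuild:", raid5_read(degraded, len(sample)) == sample)
    print("usable capacity (GB):", usable_capacity("RAID-5", [500, 500, 400, 500]))
```
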
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 113
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
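The capacity rule and the parity idea from the RAID slides above, as an added Python example (not part of the original deck): it applies the slides' "size of smallest drive * (no. of drives - k)" formula and rebuilds one failed disk of a four-disk array with distributed parity. XOR as the parity function, the 8-byte chunk size, the parity rotation order and the sample record are assumptions made for this illustration.

```python
from functools import reduce

# From the slides: level -> (minimum disks, disks' worth of space given to redundancy).
# RAID-1 is handled separately because the slides fix it at exactly 2 disks.
LEVELS = {"RAID-0": (2, 0), "RAID-3": (3, 1), "RAID-4": (3, 1),
          "RAID-5": (3, 1), "RAID-6": (4, 2)}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - redundancy disks)."""
    if level == "RAID-1":
        if len(drive_sizes) != 2:
            raise ValueError("RAID-1 as described uses exactly 2 disks")
        return min(drive_sizes)  # 50% efficiency with identical drives
    min_disks, redundancy = LEVELS[level]
    if len(drive_sizes) < min_disks:
        raise ValueError(f"{level} needs at least {min_disks} disks")
    return min(drive_sizes) * (len(drive_sizes) - redundancy)


def xor_blocks(blocks):
    """Parity of equally sized blocks: byte-wise XOR (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, chunk):
    """Stripe data in blocks over n_disks, one rotating parity chunk per row."""
    if n_disks < LEVELS["RAID-5"][0]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_row = (n_disks - 1) * chunk
    padded = data + bytes(-len(data) % per_row)  # zero-pad the last stripe row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_chunks = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_chunks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every chunk of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates only one failed disk")
    # Data XOR parity of a row is zero, so XOR of the survivors is the lost chunk.
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity chunk in each row."""
    n, out = len(disks), bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    record = b"CONSTRUCTED SAMPLE: ledger batch 0001, amount 1250.00"
    disks = raid5_write(record, n_disks=4, chunk=8)
    lost = disks[2]
    disks[2] = None                       # simulate a single disk failure
    disks[2] = raid5_rebuild(disks, 2)    # rebuild onto a replacement disk
    result = {"rebuilt_ok": disks[2] == lost,
              "data_ok": raid5_read(disks, len(record)) == record}
    disks[1] = disks[2] = None            # two failures exceed single parity
    try:
        raid5_rebuild(disks, 1)
        result["double_failure_rejected"] = False
    except ValueError:
        result["double_failure_rejected"] = True
    return result


if __name__ == "__main__":
    print(usable_capacity("RAID-5", [500, 500, 500, 500]), demo())
```

The double-failure case is why the slides give RAID-6 a second parity and a capacity of (no. of drives - 2).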
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource: Outage Impact; Allowable Outage Time
Authentication Server: User could not access Inventory System; 8 hours
Database Server: User could not access Inventory System; 8 hours
E-mail Server: User could not send e-mail; 2 days
5 Desktop Computers: User could not access Inventory System; 8 hours
Hub: User could not access Inventory System; 8 hours
Network Cabling: User could not access Inventory System; 8 hours
Electric Power: User could not access Inventory System; 8 hours
Printer: User could not produce Inventory Reports; 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended
uses:
ERP,
Relational
database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
[Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E): High, Moderate, Very High, Low, Very Low]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
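The RAID-5 slide's "block level striping with distributed parity", the parity slide's "redundancy information calculated from the actual data values" and the "Size of smallest drive*(no. of drives-1)" capacity rule, worked through as an added example that is not part of the original slides. It assumes byte-wise XOR as the parity function and a simple rotating parity layout (the slides specify neither); all function names are hypothetical.

```python
"""RAID 5 in miniature: block-level striping with distributed parity."""
from functools import reduce


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, n_disks):
    """Disk holding parity for a stripe; rotating it is what 'distributed' means.
    The rotation order is an assumption, real controllers use various layouts."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; returns disks[d][s] = block on disk d, stripe s."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size          # data bytes per stripe
    padded = data + bytes(-len(data) % per_stripe)   # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity_disk = parity_disk_for(stripe_no, n_disks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            if d == parity_disk:
                disks[d].append(xor_blocks(data_blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe_no, n_disks)
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recreate every block of one failed disk from the surviving disks.
    XOR of all blocks in a stripe is zero, so the missing block (data or
    parity) equals the XOR of the others. A second failure is unrecoverable."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID 5 tolerates only one failed disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity_drives).
    parity_drives=1 covers RAID 3/4/5, parity_drives=2 covers RAID 6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    payload = b"constructed sample: ledger rows 0001-0042"  # constructed input
    disks = write_raid5(payload, n_disks=4, block_size=8)
    original = disks[2]
    disks[2] = None                      # simulate losing one drive
    disks[2] = rebuild_disk(disks, 2)    # rebuild it from the other three
    print("rebuilt disk matches:", disks[2] == original)
    print("data intact:", read_raid5(disks, len(payload)) == payload)
    print("usable GB from 4 x 500 GB:", array_capacity([500] * 4))
```

Losing any single disk is recoverable, but the rebuild reads every surviving disk in full, so a second failure during the rebuild loses the array; RAID is not a substitute for the backups the earlier slides describe.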
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 116
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
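The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): block-level striping with distributed XOR parity, the capacity formula from the slides, and the rebuild of one failed disk. The parity rotation order, the function names and the sample data are assumptions made for illustration.

```python
from functools import reduce

# Constructed sample data (42 bytes), not taken from the deck.
SAMPLE = b"DRP test: restore critical system off-site"


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches RAID-3/4/5, parity_drives=2 matches RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks, one parity block per stripe, parity rotated.

    Returns a list of disks; each disk is a list of blocks (one per stripe).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    data_blocks = n_disks - 1
    stripe_bytes = data_blocks * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(data_blocks)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) from the survivors.

    Every block of the lost disk is the XOR of the other disks' blocks in
    the same stripe, whether the lost block held data or parity.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return failed[0], rebuilt


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping the parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(s, n_disks):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Write, lose disk 2, rebuild it, and read the data back."""
    disks = raid5_write(SAMPLE, n_disks=4, block_size=4)
    damaged = list(disks)
    damaged[2] = None                      # simulated drive failure
    index, rebuilt = raid5_rebuild(damaged)
    damaged[index] = rebuilt
    return raid5_read(damaged, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("usable capacity, 4 x 500 GB RAID-5:", array_capacity([500] * 4))
    print("usable capacity, 4 x 500 GB RAID-6:", array_capacity([500] * 4, 2))
    print("data intact after rebuilding one disk:", demo())
```

A second simultaneous failure raises `ValueError` in `raid5_rebuild`, which is the case dual distributed parity (RAID-6) exists to cover.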
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
[Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)]
[Risk Ranking values: High, Moderate, Very High, Low, Very Low]
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
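An auditor's cross-check of the two tables in this deck (Outage Impact & Allowable Outage Times, and Develop Recovery Priorities), as an added example that is not part of the original slides. It flags resources that have an allowable outage time but no recovery priority, priorities that have no BIA row, and any resource ranked below another that can tolerate a longer outage. The rule that "1 Hub" and "Hub" name the same resource, and the function names, are assumptions of this example.

```python
"""Cross-check a BIA outage table against a recovery priority list (added example)."""
import re

# Transcribed from the "Outage Impact & Allowable Outage Times" slide.
BIA = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# Transcribed from the "Develop Recovery Priorities" slide.
PRIORITIES = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "1 Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low",
    "Remaining Hub (5)": "Low",
}

RANK = {"High": 0, "Medium": 1, "Low": 2}          # lower number = recover first
UNIT_HOURS = {"hour": 1, "day": 24, "week": 168}


def to_hours(text):
    """Convert '8 hours' or '2 days' to hours; reject anything else."""
    m = re.fullmatch(r"(\d+)\s*(hour|day|week)s?", text.strip().lower())
    if m is None:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(m.group(1)) * UNIT_HOURS[m.group(2)]


def normalize(name):
    """Assumed matching rule: a leading quantity is not part of the resource
    name, so '1 Hub' and 'Hub' refer to the same resource."""
    return re.sub(r"^\d+\s+", "", name.strip()).lower()


def audit(bia, priorities):
    """Return gaps and ordering conflicts between the two tables."""
    aot = {normalize(n): (n, to_hours(t)) for n, t in bia.items()}
    prio = {normalize(n): (n, RANK[p]) for n, p in priorities.items()}
    common = sorted(aot.keys() & prio.keys())

    # Inversion: a tolerates less downtime than b, yet is recovered later.
    inversions = [
        (aot[a][0], aot[b][0])
        for a in common
        for b in common
        if aot[a][1] < aot[b][1] and prio[a][1] > prio[b][1]
    ]
    # Recovery order: by priority, then by tightest allowable outage time.
    order = sorted(common, key=lambda k: (prio[k][1], aot[k][1], aot[k][0]))
    return {
        "missing_priority": sorted(aot[k][0] for k in aot.keys() - prio.keys()),
        "no_bia_entry": sorted(prio[k][0] for k in prio.keys() - aot.keys()),
        "inversions": inversions,
        "recovery_order": [aot[k][0] for k in order],
    }


if __name__ == "__main__":
    for finding, items in audit(BIA, PRIORITIES).items():
        print(f"{finding}: {items}")
```

On the deck's own data the check reports no inversions, but Network Cabling and Electric Power carry an 8-hour allowable outage with no recovery priority assigned, and the "Remaining" desktops and hubs are prioritized without a BIA row.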
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
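The parity and RAID-5 slides above say that parity is redundancy information calculated from the actual data values and that RAID-5 distributes it across the drives. The Python sketch below is an added example, not part of the original slides: it stripes a constructed record over four simulated disks, fails one, and rebuilds it by XOR. The function names, the 4-byte stripe unit and the parity rotation order are assumptions made for illustration.

```python
"""RAID-5 in miniature: block-level striping with distributed parity (added example)."""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe. Rotating it per stripe is what
    makes the parity 'distributed' (assumed rotation order; controllers differ)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, unit):
    """Stripe data over n_disks in blocks of `unit` bytes, one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * unit:start + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return disks


def raid5_rebuild(disks):
    """Rebuild a single failed disk (marked None) from the surviving disks.

    Every stripe XORs to zero across all disks, so the missing block, data or
    parity, is the XOR of the blocks that are left."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 survives one disk failure, not %d" % len(failed))
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    rebuilt = list(disks)
    rebuilt[failed[0]] = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return rebuilt


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_capacity(drive_sizes):
    """Array capacity as on the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


if __name__ == "__main__":
    # Constructed sample record, not real data.
    record = b"constructed sample: ledger entry 0042, amount 1250.00"
    array = raid5_write(record, n_disks=4, unit=4)
    array[2] = None                      # simulate the loss of one drive
    restored = raid5_rebuild(array)
    print("recovered intact:", raid5_read(restored, len(record)) == record)
    print("usable capacity:", raid5_capacity([500, 500, 500, 400]), "GB")
```

A second simultaneous failure raises an error in raid5_rebuild, which is the practical limit behind the "fault tolerance good" rating and the reason RAID-6 adds a second parity block.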
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 118
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
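Added example (not part of the original slides): the parity technique and the "Array Capacity: Size of smallest drive*(no. of drives-1)" rule above, worked through in Python. It stripes constructed data across drives with rotating parity as in RAID-5, rebuilds a failed drive by XOR, and computes usable capacity per level; all function names and the sample record are assumptions made for this illustration.

```python
"""XOR parity and usable capacity for the RAID levels described on the slides."""
from functools import reduce

# Parity-disk overhead and minimum disk counts as stated on the slides.
RAID_RULES = {
    "0": {"min_disks": 2, "overhead": 0},  # striping without parity
    "3": {"min_disks": 3, "overhead": 1},  # dedicated parity
    "4": {"min_disks": 3, "overhead": 1},  # dedicated parity
    "5": {"min_disks": 3, "overhead": 1},  # distributed parity
    "6": {"min_disks": 4, "overhead": 2},  # dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - overhead)."""
    n = len(drive_sizes)
    if level == "1":  # mirroring: exactly 2 disks, 50% storage efficiency
        if n != 2:
            raise ValueError("RAID-1 as described uses exactly 2 disks")
        return min(drive_sizes)
    rule = RAID_RULES[level]
    if n < rule["min_disks"]:
        raise ValueError(f"RAID-{level} needs at least {rule['min_disks']} disks")
    return min(drive_sizes) * (n - rule["overhead"])


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Rotate the parity block across the drives, one position per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block_size):
    """Stripe data across n_drives in blocks, adding one parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    stripe_bytes = block_size * (n_drives - 1)
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[start + i * block_size:start + (i + 1) * block_size]
                  for i in range(n_drives - 1)]
        parity_at = parity_drive_for(stripe, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == parity_at else next(remaining))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        parity_at = parity_drive_for(stripe, n)
        for d in range(n):
            if d != parity_at:
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"constructed sample: ledger entry 0001, amount 1500.00"
    array = write_raid5(record, n_drives=4, block_size=16)
    array[2] = rebuild_drive(array, failed=2)  # replace a failed drive
    print("data intact after rebuild:", read_raid5(array, len(record)) == record)
    print("RAID-5 usable capacity:", usable_capacity("5", [500, 500, 500, 500]))
```

Only one drive per stripe can be recomputed this way, which is why RAID-6 adds a second parity block and gives up the capacity of two drives.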
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
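The parity and RAID-5 slides above, as an added example that is not part of the original deck: a small in-memory model of block-level striping with distributed parity that keeps serving data with one failed drive, rebuilds that drive by XOR, and applies the array-capacity formula from the slides. The class name, the parity rotation order, the 4-byte stripe unit and the sample record are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5Array:
    """In-memory RAID-5 model (hypothetical class, for illustration only)."""

    def __init__(self, n_drives, unit=4):
        if n_drives < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.unit = n_drives, unit
        self.drives = [[] for _ in range(n_drives)]  # drives[d][row] -> bytes
        self.length = 0

    def parity_drive(self, row):
        # Assumed rotation: parity moves one drive to the left on every row,
        # so no single drive holds all the parity (unlike RAID-3 and RAID-4).
        return (self.n - 1 - row) % self.n

    def store(self, data):
        """Replace the array contents: stripe data across rows, one parity block per row."""
        per_row = self.n - 1
        row_bytes = per_row * self.unit
        padded = data + bytes(-len(data) % row_bytes)  # zero-pad the last row
        self.drives = [[] for _ in range(self.n)]
        for row, off in enumerate(range(0, len(padded), row_bytes)):
            chunks = [padded[off + i * self.unit: off + (i + 1) * self.unit]
                      for i in range(per_row)]
            data_iter = iter(chunks)
            p = self.parity_drive(row)
            for d in range(self.n):
                self.drives[d].append(xor_blocks(chunks) if d == p else next(data_iter))
        self.length = len(data)

    def fail(self, d):
        """Simulate the loss of one drive."""
        self.drives[d] = None

    def _rows(self):
        return len(next(dr for dr in self.drives if dr is not None))

    def _survivors_xor(self, d, row):
        # XOR of every other block in the row reproduces the missing block.
        return xor_blocks([self.drives[o][row] for o in range(self.n) if o != d])

    def read(self):
        """Return the stored data; works in degraded mode with one failed drive."""
        failed = [d for d in range(self.n) if self.drives[d] is None]
        if len(failed) > 1:
            raise RuntimeError("RAID-5 cannot survive more than one failed drive")
        out = bytearray()
        for row in range(self._rows()):
            p = self.parity_drive(row)
            for d in range(self.n):
                if d == p:
                    continue  # parity blocks carry no user data
                block = self.drives[d]
                out += block[row] if block is not None else self._survivors_xor(d, row)
        return bytes(out[:self.length])

    def rebuild(self, d):
        """Recreate a replaced drive, data and parity blocks alike, from the survivors."""
        self.drives[d] = None
        self.drives[d] = [self._survivors_xor(d, row) for row in range(self._rows())]

    def scrub(self):
        """Return the rows whose blocks no longer XOR to zero (parity mismatch)."""
        if any(dr is None for dr in self.drives):
            raise RuntimeError("cannot scrub a degraded array")
        return [row for row in range(self._rows())
                if any(xor_blocks([dr[row] for dr in self.drives]))]


if __name__ == "__main__":
    array = Raid5Array(4)
    record = b"constructed ledger record 0001"  # constructed sample data
    array.store(record)
    array.fail(1)
    print("degraded read ok:", array.read() == record)
    array.rebuild(1)
    print("inconsistent rows after rebuild:", array.scrub())
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A parity mismatch reported by `scrub()` shows that a row is inconsistent but not which block is wrong, and parity does nothing against deletion or overwriting of the data itself, so the backup techniques listed earlier in the deck are still required.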
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 120
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset | Likelihood of Threat Occurrence (A) | Vulnerability (B) | Cost (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
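The parity and RAID-5 slides describe block-level striping with distributed parity and an array capacity of smallest drive * (no. of drives - 1). The following is an added example, not part of the original presentation, that stripes constructed data over an in-memory array, rotates an XOR parity block across the disks, and rebuilds one failed disk; the 4-byte stripe unit, the parity rotation order and all function names are assumptions made for illustration.

```python
"""Block-level striping with distributed XOR parity (RAID-5 style), in memory."""
from functools import reduce
from operator import xor

STRIPE_UNIT = 4  # bytes per block; assumed tiny value so the layout stays readable
MIN_DISKS = 3    # "Minimum 3 hard disks" from the RAID-5 slide


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk holding parity for a stripe; rotating it is what 'distributed' means."""
    return (n_disks - 1 - stripe) % n_disks


def usable_capacity(drive_sizes):
    """Array capacity as on the slide: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < MIN_DISKS:
        raise ValueError("RAID-5 needs at least 3 disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def write_array(data, n_disks):
    """Stripe data across n_disks; returns one list of blocks per disk."""
    if n_disks < MIN_DISKS:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + STRIPE_UNIT]
                       for i in range(0, per_stripe, STRIPE_UNIT)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute all blocks of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("two disks lost: single parity cannot recover the array")
    # XOR of every surviving block in a stripe equals the missing block,
    # whether that block held data or parity.
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample: general ledger batch 0042"  # constructed input
    array = write_array(sample, 4)
    array[2] = None                    # simulate failure of disk 2
    array[2] = rebuild_disk(array, 2)  # replace the disk and rebuild from parity
    print(read_array(array, len(sample)) == sample)
```

Parity only covers the loss of a single disk; it does not replace the backup procedures listed earlier in the deck.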
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular because
of the high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
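Added example (not part of the original slides): the parity and array-capacity points from the RAID slides above, worked through in Python. It stripes a constructed payload across a four-disk RAID-5 layout, loses one disk and rebuilds it by XOR; the function names, the 8-byte block size and the parity rotation order are assumptions made for illustration, and real controllers differ.

```python
from functools import reduce
from operator import xor

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable capacity using the slide formulas (smallest drive sets the unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DISKS[level]:
        raise ValueError(f"RAID-{level} needs at least {MIN_DISKS[level]} disks")
    if level == 0:
        return smallest * n            # striping only, no redundancy
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slides is exactly 2 disks")
        return smallest                # 50% efficiency with identical drives
    if level in (3, 4, 5):
        return smallest * (n - 1)      # one drive's worth of parity
    return smallest * (n - 2)          # RAID-6: dual parity


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks across n_disks with distributed parity."""
    per_stripe = (n_disks - 1) * block_size
    stripes = -(-len(data) // per_stripe)              # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")     # zero-pad last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) from the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    # XOR of every surviving block in a stripe yields the missing block,
    # whether that block held data or parity.
    disks[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return failed[0]


def raid5_read(disks, length):
    """Reassemble the payload, skipping the parity block of each stripe."""
    n, out = len(disks), bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    # Constructed sample payload, not real data.
    payload = b"ledger entry 0001: constructed sample data for the array"
    disks = raid5_write(payload, n_disks=4, block_size=8)
    original = disks[2]
    disks[2] = None                    # simulate a drive failure
    raid5_rebuild(disks)
    return disks[2] == original and raid5_read(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
```

A second simultaneous failure makes `raid5_rebuild` raise, which is the limit behind the "Fault tolerance good" rating for RAID-5 versus "very good" for RAID-6.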
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 122
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
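The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks with distributed parity, one drive is lost and rebuilt from the survivors, and the slides' array-capacity formulas are applied. It assumes XOR as the parity function (the slides do not name one), a constructed 4-byte block size and one common parity rotation; all function names are illustrative.

```python
"""Toy model of RAID parity: block striping, XOR parity, single-disk rebuild."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed for readability (the slides use 16 kiB stripes)


def xor_blocks(blocks):
    """Parity block = byte-wise XOR of equally sized blocks (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas given on the RAID level slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:
        return smallest * n          # striping only, no redundancy
    if level == 1:
        return smallest              # mirrored pair: 50% efficiency
    if level in (3, 4, 5):
        return smallest * (n - 1)    # one drive's worth of parity
    if level == 6:
        return smallest * (n - 2)    # dual parity
    raise ValueError(f"no capacity formula for RAID-{level}")


def parity_disk(stripe, n_disks):
    """Assumed rotation: parity moves one disk to the left on every stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks):
    """Stripe data over n_disks with distributed parity; returns per-disk block lists."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    data += b"\x00" * (-len(data) % per_stripe)   # pad the final stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        blocks.insert(parity_disk(s, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def raid5_rebuild(disks):
    """Recreate one failed disk (marked None) by XOR-ing the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover from two failed disks")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the data blocks of a complete array, skipping each stripe's parity."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n)
        for d in range(n):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def scrub(disks):
    """Return the stripe numbers of a complete array whose blocks do not XOR to zero."""
    zero = bytes(BLOCK)
    return [s for s, stripe in enumerate(zip(*disks)) if xor_blocks(stripe) != zero]


if __name__ == "__main__":
    record = b"LEDGER 2024-Q1 debit 1500.00 credit 1500.00"  # constructed sample data
    array = raid5_write(record, 4)
    array[2] = None                                # simulate a failed drive
    array = raid5_rebuild(array)
    print(raid5_read(array, len(record)))
    print("stripes failing the parity check:", scrub(array))
    print("usable GB from 4 x 500 GB in RAID-5:", usable_capacity(5, [500] * 4))
```

Parity covers the loss of one drive only: a second failure before the rebuild completes loses the array, which is why the backup strategies later in the deck still apply to RAID-protected data.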
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment    Telecommunication    Setup Time    Location
Cold Site       Low           None                  None                 Long          Fixed
Warm Site       Medium        Partial               Partial/Full         Medium        Fixed
Hot Site        Medium/High   Full                  Full                 Short         Fixed
Mobile Site     High          Dependent             Dependent            Dependent     Not Fixed
Mirrored Site   High          Full                  Full                 None          Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed
between the drives on a four-disk, byte-striped RAID 3 array. The red
file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that the files are evenly spread between
three drives, with the fourth containing parity information (shown in
dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 4 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB. Notice that, as with RAID 3, the
files are evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
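The striping, parity and array-capacity points from the RAID slides above can be checked in a few lines of Python. This is an added example, not part of the original slides; the function names and the parity rotation order are assumptions chosen for illustration, and the sample record is constructed.

```python
"""Block striping with rotating XOR parity, as on a RAID 5 array (constructed sketch)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive(stripe_no, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left each stripe."""
    return (n_drives - 1 - stripe_no) % n_drives


def stripe(data, n_drives, block_size):
    """Spread data over n_drives; each stripe has n_drives-1 data blocks plus 1 parity."""
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe_no, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        # Parity is computed from the data blocks, then placed on this stripe's parity drive.
        blocks.insert(parity_drive(stripe_no, n_drives), xor_blocks(blocks))
        for drive, block in zip(drives, blocks):
            drive.append(block)
    return drives


def rebuild(drives, failed):
    """Recreate a failed drive: each lost block is the XOR of the surviving blocks."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_back(drives, length):
    """Reassemble the original bytes, skipping the parity block of every stripe."""
    out = bytearray()
    for stripe_no, row in enumerate(zip(*drives)):
        skip = parity_drive(stripe_no, len(drives))
        out += b"".join(block for i, block in enumerate(row) if i != skip)
    return bytes(out[:length])


def scrub(drives):
    """Return stripe numbers whose blocks no longer XOR to zero (corruption detected)."""
    return [n for n, row in enumerate(zip(*drives)) if any(xor_blocks(row))]


if __name__ == "__main__":
    record = b"INVENTORY-DB: constructed sample record 0001"  # constructed input
    array = stripe(record, n_drives=4, block_size=4)

    lost = 2                                   # simulate one failed drive
    degraded = list(array)
    degraded[lost] = None                      # its contents are gone
    degraded[lost] = rebuild(degraded, lost)   # recomputed from the other three
    print("rebuilt drive matches:", degraded[lost] == array[lost])
    print("data after rebuild:   ", read_back(degraded, len(record)))
    print("stripes failing scrub:", scrub(degraded))
    print("4 x 500 GB, single parity:", usable_capacity([500] * 4), "GB usable")
    print("4 x 500 GB, dual parity:  ", usable_capacity([500] * 4, 2), "GB usable")
```

A failed scrub only shows that a stripe is inconsistent; single parity cannot tell which drive holds the bad block, and it cannot rebuild anything once two drives are lost.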
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 124
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                  Allowable Outage Time
Authentication Server   User could not access Inventory System         8 hours
Database Server         User could not access Inventory System         8 hours
E-mail Server           User could not send e-mail                     2 days
5 Desktop Computers     User could not access Inventory System         8 hours
Hub                     User could not access Inventory System         8 hours
Network Cabling         User could not access Inventory System         8 hours
Electric Power          User could not access Inventory System         8 hours
Printer                 User could not produce Inventory Reports       4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 125
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB, Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
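The parity and RAID-5 slides above, as an added example that is not part of the original deck: a toy in-memory RAID-5 array showing XOR parity, rotating parity placement, rebuild of one failed disk, and the array-capacity formulas from the RAID level slides. The class and function names, the 4-byte block size and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


class Raid5:
    """Toy array: block-level striping with distributed parity (hypothetical class)."""

    def __init__(self, n_disks, block_size=4):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.bs = n_disks, block_size
        self.disks = [[] for _ in range(n_disks)]
        self.length = 0

    def parity_disk(self, stripe):
        # Parity rotates from stripe to stripe, so no single disk holds it all.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_stripe = (self.n - 1) * self.bs
        padded = data.ljust(-(-len(data) // per_stripe) * per_stripe, b"\0")
        for stripe, off in enumerate(range(0, len(padded), per_stripe)):
            chunks = [padded[off + i * self.bs: off + (i + 1) * self.bs]
                      for i in range(self.n - 1)]
            # Parity is calculated from the actual data values of the stripe.
            chunks.insert(self.parity_disk(stripe), xor_blocks(chunks))
            for disk, block in zip(self.disks, chunks):
                disk.append(block)

    def fail(self, disk):
        self.disks[disk] = None  # simulate a dead drive

    def _stripes(self):
        return len(next(d for d in self.disks if d is not None))

    def _block(self, disk, stripe):
        if self.disks[disk] is not None:
            return self.disks[disk][stripe]
        survivors = [d[stripe] for d in self.disks if d is not None]
        if len(survivors) != self.n - 1:
            raise IOError("more than one disk lost: single parity cannot recover")
        # XOR of all surviving blocks (data + parity) yields the missing block.
        return xor_blocks(survivors)

    def read(self):
        out = bytearray()
        for s in range(self._stripes()):
            p = self.parity_disk(s)
            for d in range(self.n):
                if d != p:
                    out += self._block(d, s)
        return bytes(out[:self.length])

    def rebuild(self, disk):
        # Recompute every block of the replaced disk before putting it online.
        blocks = [self._block(disk, s) for s in range(self._stripes())]
        self.disks[disk] = blocks


def usable_capacity(level, sizes):
    """Array capacity per the slides: smallest drive * number of data drives.

    RAID-0 and RAID-1 entries follow the slides' 100% / 50% efficiency
    figures, which the slides state for identical drives (assumption here
    for mixed sizes: the smallest drive limits every member).
    """
    n, smallest = len(sizes), min(sizes)
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}
    min_disks, data_disks = rules[level]
    if n < min_disks or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} does not support {n} disks")
    return smallest * data_disks


if __name__ == "__main__":
    array = Raid5(4)
    array.write(b"constructed sample: ledger batch 0001")  # constructed data
    array.fail(2)
    print(array.read())            # still readable in degraded mode
    array.rebuild(2)
    print(usable_capacity(5, [500, 500, 500, 500]))
```

Failing a second disk before the rebuild completes makes `read()` raise, which is the single-parity limit that RAID-6's dual parity addresses.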
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
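The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: a small Python model of block-level striping with distributed parity that rebuilds a failed disk and applies the capacity formulas from the RAID level slides. XOR as the parity function, the parity rotation order, the 4-byte block size, the sample data and all function names are assumptions of this example.

```python
"""RAID-5 teaching model: block striping, distributed XOR parity, single-disk rebuild."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; deliberately tiny (constructed value, real arrays use KiB)


def xor_blocks(blocks):
    """Parity = byte-wise XOR of equally sized blocks (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, n_disks):
    """Rotate parity across disks so no single disk holds all of it (assumed layout)."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Return n_disks lists of blocks: data striped in blocks, one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe_no, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n, out = len(disks), bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk_for(stripe_no, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def recover(disks):
    """Rebuild an array in which failed disks are represented as None."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot rebuild two disks; restore from backup")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    # XOR of every surviving block in a stripe yields the missing one,
    # whether the lost block held data or parity.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks[:failed[0]] + [rebuilt] + disks[failed[0] + 1:]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas: smallest drive * (drives - redundancy)."""
    rules = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}  # level: (min disks, redundancy)
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest  # 50% efficiency when the drives are identical
    if level not in rules:
        raise ValueError(f"no capacity formula given for RAID-{level}")
    min_disks, redundancy = rules[level]
    if n < min_disks:
        raise ValueError(f"RAID-{level} needs at least {min_disks} hard disks")
    return smallest * (n - redundancy)


if __name__ == "__main__":
    record = b"INVENTORY-DB backup set 0001"  # constructed sample data
    array = write_raid5(record, 4)
    degraded = [None if i == 2 else disk for i, disk in enumerate(array)]
    print(read_raid5(recover(degraded), len(record)))
    print(usable_capacity(5, [500, 500, 500, 500]), "GB usable of 2000 GB")
```

The two-disk failure branch is the point for a recovery plan: RAID-5 covers one failed drive, and anything beyond that falls back to the backup and off-site media procedures.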
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 127
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values as listed on the slide: 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
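The parity and RAID-5 slides above, carried through as an added example that is not part of the original slides: data is striped in blocks across in-memory "disks" with distributed parity, one disk is lost, and its contents are recomputed from the survivors. It assumes bytewise XOR parity; the rotation order, the sample data and all function names are illustrative.

```python
# Added illustration (not from the slides): RAID-5 style block striping with
# rotating parity over in-memory "disks". Assumes bytewise XOR parity; the
# rotation order and all function names are illustrative choices.
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: bytewise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk holding parity for a stripe (assumed rotation: last disk first)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data so each stripe has n_disks-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                disks[disk].append(parity)
            else:
                disks[disk].append(next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute a lost disk: each missing block is the XOR of the surviving
    blocks in the same stripe, whether the lost block was data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("more than one disk lost: single parity cannot recover")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def demo():
    """Lose disk 2 of a four-disk array, rebuild it, and verify the data."""
    data = b"constructed ledger record 0001; " * 5  # constructed sample input
    disks = write_raid5(data, n_disks=4, block_size=16)
    original = disks[2]
    disks[2] = None                      # simulated drive failure
    disks[2] = rebuild_disk(disks, 2)    # rebuild onto a replacement drive
    return disks[2] == original and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuilt correctly:", demo())
    print("capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

Calling `rebuild_disk` with two disks set to `None` raises `RuntimeError`, which is the single-parity limit that RAID-6's second parity block addresses.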
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
the high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 128
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
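The parity technique and the array-capacity formulas quoted on the RAID slides above, worked through as an added example that is not part of the original slides. It assumes XOR parity (the slides do not name the parity function), a rotating parity position chosen for illustration, and hypothetical function names and constructed sample data.

```python
"""Added illustration: RAID capacity formulas and RAID-5 style XOR parity."""
from functools import reduce


def usable_capacity(level, drive_sizes):
    """Usable capacity from the formulas quoted on the slides (any one unit)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}   # minimum disks per level
    if level not in minimum:
        raise ValueError(f"no formula on the slides for RAID-{level}")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        # 100% efficiency if drives are identical; limiting every member to
        # the smallest drive is an assumption for mixed sizes.
        return smallest * n
    if level == 1:
        return smallest                  # 50% efficiency: one mirror copy
    if level == 6:
        return smallest * (n - 2)        # dual distributed parity
    return smallest * (n - 1)            # RAID-3/4/5: one drive of parity


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Which disk holds parity for a stripe (rotates so no disk is dedicated)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks, storing one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        data_iter = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                disks[d].append(xor_blocks(chunks))
            else:
                disks[d].append(next(data_iter))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping the parity blocks."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(stripe, n):
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_recover(disks):
    """Rebuild an array in which a failed disk is represented by None."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates one failed disk; data is lost")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    # XOR of the surviving blocks of a stripe equals the missing block,
    # whether that block held data or parity.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    repaired = list(disks)
    repaired[failed[0]] = rebuilt
    return repaired


if __name__ == "__main__":
    sample = b"constructed ledger rows 0001-0042"     # constructed sample data
    array = raid5_write(sample, n_disks=4, block_size=8)
    degraded = list(array)
    degraded[1] = None                                 # simulate a disk failure
    print(raid5_read(raid5_recover(degraded), len(sample)))
    print(usable_capacity(5, [500, 500, 500, 500]))
```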
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High | Moderate | Very High | Low | Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization's business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
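Added example (not part of the original slides): the parity technique and the RAID-5 layout described above, worked through in Python. Data is striped in blocks with a rotating parity block, one disk is lost, and its contents are rebuilt by XOR of the survivors; usable_capacity applies the capacity rules the slides give per level. All function names and the sample data are constructed for this illustration.

```python
"""RAID-5 parity demo: stripe, lose one disk, rebuild by XOR (added example)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks over n_disks with one parity block per stripe.

    Returns one list of blocks per disk. The last stripe is zero-padded.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Rebuild the one failed disk (marked None) from the surviving disks.

    In every stripe the missing block, data or parity, equals the XOR of the
    other blocks. Two failed disks cannot be recovered with single parity.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError(
            f"single parity recovers exactly one failed disk, not {len(failed)}")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks[:failed[0]] + [rebuilt] + disks[failed[0] + 1:]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


# Disks given up to redundancy and minimum disk count, as stated on the slides.
REDUNDANT_DISKS = {"RAID-0": 0, "RAID-1": 1, "RAID-3": 1,
                   "RAID-4": 1, "RAID-5": 1, "RAID-6": 2}
MINIMUM_DISKS = {"RAID-0": 2, "RAID-1": 2, "RAID-3": 3,
                 "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundant disks)."""
    n = len(drive_sizes)
    if n < MINIMUM_DISKS[level] or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return min(drive_sizes) * (n - REDUNDANT_DISKS[level])


if __name__ == "__main__":
    ledger = b"constructed sample: INV-001 paid 1200.00, INV-002 due"
    array = raid5_write(ledger, n_disks=4, block_size=8)
    array[2] = None  # simulate a single drive failure
    print(raid5_read(raid5_rebuild(array), len(ledger)))
    print(usable_capacity("RAID-5", [500, 500, 400, 500]), "GB usable")
```

The rebuild reads every surviving disk in full, which is why a second failure during the rebuild loses the array and why RAID does not replace the off-site backups covered earlier in the deck.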
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 130
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for the health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
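An added example, not part of the original slides: a small Python model of block-level striping with distributed parity (the RAID-5 technique above), showing how XOR parity rebuilds one failed disk and how the "smallest drive * (no. of drives - k)" capacity formulas work out. The function names, the parity rotation order and the RAID-0 treatment of unequal drives are assumptions for illustration; real controllers use their own layouts.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the illustration captions


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding parity for a stripe row (assumed rotation order)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; each row holds n-1 data blocks + 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * unit               # data bytes per stripe row
    rows = max(1, -(-len(data) // per_row))      # ceiling division
    data = data.ljust(rows * per_row, b"\0")     # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row in range(rows):
        chunk = data[row * per_row:(row + 1) * per_row]
        units = [chunk[i:i + unit] for i in range(0, per_row, unit)]
        pending = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk(row, n_disks)
            disks[d].append(xor_blocks(units) if is_parity else next(pending))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate every block of one failed disk from the surviving disks.

    XOR of all blocks in a row is zero, so XOR of the survivors is the lost
    block, whether it held data or parity. Two failed disks cannot be rebuilt.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block in each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity following the formulas on the RAID level slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 0:
        return smallest * n        # assumption: striping limited by smallest drive
    if level == 1:
        return smallest            # mirroring: 50% storage efficiency
    return smallest * (n - (2 if level == 6 else 1))


if __name__ == "__main__":
    # Constructed sample: a 500 KiB "file" on a four-disk array.
    sample = bytes(i % 251 for i in range(500 * 1024))
    array = raid5_write(sample, 4)
    lost = 2                                      # simulate failure of disk 2
    array[lost] = raid5_rebuild(array, lost)      # rebuild onto a replacement
    print("data intact after rebuild:", raid5_read(array, len(sample)) == sample)
    print("RAID-5 capacity, 4 x 100 GB:", usable_capacity(5, [100] * 4), "GB")
    print("RAID-6 capacity, 4 x 100 GB:", usable_capacity(6, [100] * 4), "GB")
```

The rebuild restores availability after a single disk failure only; it does not replace the backup media and off-site storage covered elsewhere in the deck.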
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 131
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
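The parity and block-striping techniques described on the RAID slides, worked through as an added Python example (not part of the original slides). It models a RAID-5 array in memory, rebuilds a failed drive from parity, and applies the array-capacity formulas listed per RAID level; all function names and the sample data are constructed for illustration.

```python
"""In-memory model of RAID-5: block-level striping with distributed parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(row, n_drives):
    """Rotate the parity block across the drives, one position per stripe row."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, stripe_size):
    """Split data into stripe rows of (n_drives - 1) data blocks plus one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_drives - 1) * stripe_size
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad the last row
    drives = [[] for _ in range(n_drives)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[offset + i * stripe_size: offset + (i + 1) * stripe_size]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        data_iter = iter(chunks)
        p = parity_drive_for(row, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(data_iter))
    return drives


def raid5_rebuild(drives, failed):
    """Recompute every block of one failed drive by XOR-ing the surviving drives."""
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length, failed=()):
    """Read the data back, tolerating at most one failed drive index."""
    failed = set(failed)
    if len(failed) > 1:
        raise ValueError("single parity cannot recover from two failed drives")
    working = list(drives)
    for f in failed:
        working[f] = raid5_rebuild(drives, f)
    n_drives = len(working)
    out = bytearray()
    for row in range(len(working[0])):
        p = parity_drive_for(row, n_drives)
        for d in range(n_drives):
            if d != p:  # skip the parity block, keep data blocks in order
                out += working[d][row]
    return bytes(out[:length])


def array_capacity(level, drive_sizes):
    """Usable capacity per the slide formulas: smallest drive * (drives - parity drives)."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest  # mirroring: 50% storage efficiency
    parity_drives = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest * (n - parity_drives)


# Constructed sample data: 40 short transaction records (360 bytes).
SAMPLE = b"".join(b"txn-%04d;" % i for i in range(40))

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4, stripe_size=16)
    array[2] = None  # simulate losing drive 2
    assert raid5_read(array, len(SAMPLE), failed=[2]) == SAMPLE
    print("drive 2 rebuilt from parity;",
          "usable capacity of 4 x 500 GB in RAID-5:", array_capacity(5, [500] * 4), "GB")
```

Losing a second drive before the rebuild completes raises an error in this model, which is the practical limit behind the "fault tolerance good" rating for single-parity levels and the reason RAID-6 adds a second parity block.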
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 132
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                 Allowable Outage Time
Authentication Server   User could not access Inventory System        8 hours
Database Server         User could not access Inventory System        8 hours
E-mail Server           User could not send e-mail                    2 days
5 Desktop Computers     User could not access Inventory System        8 hours
Hub                     User could not access Inventory System        8 hours
Network Cabling         User could not access Inventory System        8 hours
Electric Power          User could not access Inventory System        8 hours
Printer                 User could not produce Inventory Reports      4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational centers
in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring
high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB;
and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 133
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk, D = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
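The striping, parity and RAID-5 slides above can be tied together in a short simulation: data is striped in blocks over the drives, one parity unit per stripe rotates across them, and a lost drive is rebuilt from the survivors. This is an added example, not part of the original slides; XOR as the parity function, the 4-byte stripe unit and all function names are assumptions.

```python
"""Block-level striping with distributed XOR parity, and rebuild of one lost drive.

Added illustration: XOR as the parity function, the 4-byte stripe unit and all
names are assumptions, not taken from the slides.
"""
from functools import reduce

STRIPE_UNIT = 4  # bytes per stripe unit (constructed; real arrays use KiB-sized units)


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_array(data, n_drives):
    """Stripe data over n_drives, adding one parity unit per stripe.

    The parity unit moves to the next drive on every stripe (distributed
    parity). Returns (drives, original_length); each drive is a list of units.
    """
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    data_per_stripe = (n_drives - 1) * STRIPE_UNIT
    padded = data + b"\x00" * (-len(data) % data_per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe_no, off in enumerate(range(0, len(padded), data_per_stripe)):
        chunk = padded[off:off + data_per_stripe]
        units = [chunk[i:i + STRIPE_UNIT] for i in range(0, len(chunk), STRIPE_UNIT)]
        parity_drive = stripe_no % n_drives
        units.insert(parity_drive, xor_blocks(units))  # parity computed from data units only
        for drive, unit in zip(drives, units):
            drive.append(unit)
    return drives, len(data)


def rebuild_drive(drives, failed):
    """Recompute every unit of the failed drive from the surviving drives.

    Data and parity units of one stripe XOR to zero, so the missing unit is
    the XOR of the others, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one drive lost: single parity cannot recover")
    return [xor_blocks(units) for units in zip(*survivors)]


def read_array(drives, length):
    """Reassemble the data, skipping the parity unit of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe_no in range(len(drives[0])):
        parity_drive = stripe_no % n
        for i in range(n):
            if i != parity_drive:
                out += drives[i][stripe_no]
    return bytes(out[:length])


def demo():
    """Write a constructed payload, lose drive 2, rebuild it and read back."""
    payload = b"constructed ledger records for the parity demo"
    drives, length = write_array(payload, n_drives=4)
    drives[2] = None                      # simulate the loss of one drive
    drives[2] = rebuild_drive(drives, 2)  # rebuild it from the other three
    return read_array(drives, length) == payload


if __name__ == "__main__":
    print("data intact after rebuild:", demo())
```

Each stripe spends one of its units on parity, which is where the "(no. of drives-1)" capacity figure on the slide comes from, and a second simultaneous drive loss is not recoverable with a single parity unit.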
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone numbers of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
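The allowable outage times above can drive both the order in which resources are recovered and the pass/fail check of a recovery drill. This is an added example, not part of the original slides; the dependency map, the drill timings and all function names are constructed assumptions, and only the allowable outage times come from the table.

```python
"""Recovery order and drill evaluation from the allowable outage times.

Added illustration: the dependency map, the drill timings and all names are
constructed assumptions; only the allowable outage times come from the table.
"""
import heapq
from datetime import timedelta

ALLOWABLE_OUTAGE = {
    "Authentication Server": timedelta(hours=8),
    "Database Server": timedelta(hours=8),
    "E-mail Server": timedelta(days=2),
    "5 Desktop Computers": timedelta(hours=8),
    "Hub": timedelta(hours=8),
    "Network Cabling": timedelta(hours=8),
    "Electric Power": timedelta(hours=8),
    "Printer": timedelta(days=4),
}

# Constructed assumption: what must be back before a resource is usable.
DEPENDS_ON = {
    "Network Cabling": ["Electric Power"],
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Electric Power", "Hub"],
    "Database Server": ["Authentication Server"],
    "5 Desktop Computers": ["Electric Power", "Hub"],
    "E-mail Server": ["Electric Power", "Hub"],
    "Printer": ["Electric Power", "Hub"],
}

# Constructed drill log: time after the outage at which each item was restored.
DRILL_RESTORED_AT = {
    "Electric Power": timedelta(hours=1),
    "Network Cabling": timedelta(hours=3),
    "Hub": timedelta(hours=9),
    "Authentication Server": timedelta(hours=5),
    "Database Server": timedelta(hours=6),
    "5 Desktop Computers": timedelta(hours=4),
    "E-mail Server": timedelta(hours=30),
    "Printer": timedelta(hours=20),
}


def recovery_order(allowable, depends_on):
    """Order resources so prerequisites come first and, among the resources
    that are ready, the one with the shortest allowable outage is next."""
    pending = {r: set(depends_on.get(r, ())) for r in allowable}
    ready = [(allowable[r], r) for r, deps in pending.items() if not deps]
    heapq.heapify(ready)
    order = []
    while ready:
        _, res = heapq.heappop(ready)
        order.append(res)
        for other, deps in pending.items():
            if res in deps:
                deps.remove(res)
                if not deps:
                    heapq.heappush(ready, (allowable[other], other))
    if len(order) != len(allowable):
        raise ValueError("dependency cycle or unknown prerequisite")
    return order


def evaluate_drill(allowable, depends_on, restored_at):
    """Return the resources that were not usable within their allowable outage.

    A resource counts as usable only once it and all of its prerequisites are
    restored, so one late component can fail resources that were on time.
    """
    usable_at, breaches = {}, {}
    for res in recovery_order(allowable, depends_on):
        prereqs = [usable_at[p] for p in depends_on.get(res, ())]
        usable_at[res] = max([restored_at[res], *prereqs])
        if usable_at[res] > allowable[res]:
            breaches[res] = {
                "overrun": usable_at[res] - allowable[res],
                "late_itself": restored_at[res] > allowable[res],
            }
    return breaches


if __name__ == "__main__":
    print("Recovery order:", recovery_order(ALLOWABLE_OUTAGE, DEPENDS_ON))
    for name, info in evaluate_drill(ALLOWABLE_OUTAGE, DEPENDS_ON, DRILL_RESTORED_AT).items():
        cause = "restored late" if info["late_itself"] else "blocked by a late prerequisite"
        print(f"{name}: over by {info['overrun']} ({cause})")
```

In the constructed drill only the hub misses its own 8-hour limit, yet the authentication server, database server and desktops also fail the test because they were unusable until the hub returned.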
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
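The parity technique and the array capacity figures from the RAID level slides above, worked through in Python as an added example that is not part of the original slides. It assumes XOR parity (the usual parity function for RAID-3/4/5), a rotating parity position as in RAID-5, and that an array of unequal drives is limited by its smallest drive; all function names are illustrative.

```python
from functools import reduce

# Slide figures: level -> (minimum disks, disks' worth of capacity used for parity)
RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def usable_capacity(level, drive_sizes):
    """Usable capacity in the same unit as drive_sizes, per the slide formulas."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 as described on the slides uses exactly 2 disks")
        return smallest  # 50% storage efficiency when the drives are identical
    min_disks, parity_disks = RULES[level]
    if n < min_disks:
        raise ValueError(f"RAID-{level} needs at least {min_disks} disks")
    return smallest * (n - parity_disks)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_position(stripe_index, n_disks):
    """Rotate the parity block across disks (distributed parity)."""
    return (n_disks - 1 - stripe_index) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        data_iter = iter(blocks)
        for d in range(n_disks):
            if d == parity_position(s, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(data_iter))
    return disks


def rebuild(disks):
    """Recompute the single failed disk (marked None) from the survivors."""
    if sum(d is None for d in disks) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    # Data blocks XOR parity is zero per stripe, so XOR of survivors is the missing block.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_position(s, len(disks)):
                out += disks[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample: ledger batch 0001-0042"  # constructed input
    array = write_raid5(sample, n_disks=4, block_size=8)
    degraded = array[:2] + [None] + array[3:]  # simulate loss of disk 2
    degraded[2] = rebuild(degraded)
    print("recovered intact:", read_raid5(degraded, len(sample)) == sample)
    for level in (0, 5, 6):
        print(f"RAID-{level} on 4 x 500 GB:", usable_capacity(level, [500] * 4), "GB")
```

Losing a second disk before the rebuild completes makes `rebuild` raise, which is the case dual parity (RAID-6) is meant to cover.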
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 135
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
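The parity and RAID-5 slides above describe redundancy calculated from the data values and an array capacity of smallest drive*(no. of drives-1). The Python sketch below is an added example, not part of the original deck: it stripes a constructed 100 KiB file over four disks in 16 kiB units, loses one disk and rebuilds it. XOR is the parity operation RAID 3/4/5 use; the function names and the parity rotation order are assumptions made for the illustration.

```python
"""Added example: RAID-5 block striping with distributed XOR parity.

Function names and the parity rotation order are assumptions made for this
illustration; the slides only state "block level striping with distributed parity".
"""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length byte strings column by column (RAID 3/4/5 parity)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Disk holding the parity unit of a stripe row (rotation order assumed)."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks with one parity unit per row; returns disks[d][row]."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * unit
    data = data + bytes(-len(data) % row_bytes)  # zero-pad the last stripe row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[start + i * unit:start + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(xor_blocks(chunks) if is_parity else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate one lost disk: each unit is the XOR of the survivors' units."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(units) for units in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original byte stream, skipping the parity units."""
    out = bytearray()
    for row in range(len(disks[0])):
        for d, disk in enumerate(disks):
            if d != parity_disk_for(row, len(disks)):
                out += disk[row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        # 100% if drives identical; smallest * n for unequal drives is an assumption
        return smallest * n
    if level == 1:
        return smallest  # mirrored pair: 50% if drives identical
    return smallest * (n - (2 if level == 6 else 1))


if __name__ == "__main__":
    payload = bytes(range(256)) * 400  # constructed 100 KiB sample file
    array = write_raid5(payload, n_disks=4)
    lost = 2
    array[lost] = []  # simulate a single drive failure
    array[lost] = rebuild_disk(array, lost)
    print("recovered intact:", read_raid5(array, len(payload)) == payload)
    print("usable GB, 4 x 500 GB RAID-5:", usable_capacity(5, [500] * 4))
    print("usable GB, 4 x 500 GB RAID-6:", usable_capacity(6, [500] * 4))
```

Rebuilding works for any single lost disk, data or parity, because the XOR of all units in a stripe row is zero; a second simultaneous failure leaves two unknowns per row, which is the case RAID-6's dual parity addresses.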
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 136
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is
20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that,
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
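The parity technique and the RAID-5 layout described above, as an added example that is not part of the original slides: a small Python model of block-level striping with distributed XOR parity that loses one disk and rebuilds it. XOR is the standard RAID-5 parity calculation; the function names, the parity rotation order and the sample payload are assumptions made for illustration.

```python
"""Model of RAID-5: block striping with distributed (rotating) XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across disks so no single disk holds all parity.

    The rotation order (last disk first) is an assumption; controllers differ.
    """
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, block_size):
    """Stripe data over n_disks; return one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size          # data bytes per stripe
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i * block_size:(i + 1) * block_size]
                       for i in range(n_disks - 1)]
        parity_disk = parity_disk_for(stripe, n_disks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(data_blocks))
            else:
                disks[disk].append(next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe is zero. Two lost disks cannot be recovered with one parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("more than one disk lost: single parity cannot rebuild")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original data, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo_rebuild():
    """Write a constructed payload to 4 disks, lose disk 2, rebuild, verify."""
    payload = b"constructed sample: ledger entries for the accounting system"
    disks = write_array(payload, n_disks=4, block_size=8)
    original = disks[2]
    disks[2] = None                                   # simulate the failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original and read_array(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuild ok:", demo_rebuild())
    print("4 x 500 GB RAID-5 usable:", usable_capacity([500] * 4), "GB")
```

Rebuilding reads every surviving disk in full, so the array runs without redundancy until the rebuild completes, which is why the backup procedures elsewhere in the plan still apply to a RAID-protected server.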
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 137
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource               Outage Impact                              Allowable Outage Time
Authentication Server  User could not access Inventory System     8 hours
Database Server        User could not access Inventory System     8 hours
E-mail Server          User could not send e-mail                 2 days
5 Desktop Computers    User could not access Inventory System     8 hours
Hub                    User could not access Inventory System     8 hours
Network Cabling        User could not access Inventory System     8 hours
Electric Power         User could not access Inventory System     8 hours
Printer                User could not produce Inventory Reports   4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
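The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): data is striped in 16 kiB units across four disks, parity is distributed across the disks, and one failed disk is rebuilt from the survivors. The function names are hypothetical, and XOR parity with a rotating parity position is an assumption, since the slides do not name the parity calculation or the placement scheme.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity (assumed scheme)."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe unit, as in the four-disk illustrations


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe, n_disks):
    """Rotate the parity position per stripe so no single disk holds all parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks=4, unit=STRIPE_UNIT):
    """Split data into stripes of (n_disks - 1) data units plus one parity unit."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        units = [padded[off + i * unit: off + (i + 1) * unit]
                 for i in range(n_disks - 1)]
        p = parity_disk(stripe, n_disks)
        remaining = iter(units)
        for d in range(n_disks):
            disks[d].append(xor_blocks(units) if d == p else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate each unit of the failed disk by XOR-ing the surviving units
    of the same stripe. Works whether the lost unit held data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID 5 tolerates only one failed disk")
    return [xor_blocks(units) for units in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original data, skipping the parity unit of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Write a constructed 100 kiB file, lose disk 2, rebuild it, read back."""
    payload = bytes(i % 251 for i in range(100 * 1024))  # constructed sample data
    disks = write_array(payload)
    lost = disks[2]
    disks[2] = None                      # simulate a single drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_array(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A second simultaneous failure leaves nothing to XOR against, which is why the rebuild refuses to run and why parity RAID does not replace off-site backups.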
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
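The parity and capacity points from the RAID slides, worked through as an added example (not part of the original deck): block-level striping with distributed XOR parity as in RAID-5, a rebuild after one drive fails, and the array-capacity formulas. The function names, the parity rotation order and the sample data are assumptions made for illustration; the RAID-0 and RAID-1 capacities follow from the storage-efficiency figures on their slides.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe size, as in the slide captions

# Minimum drive counts and drives' worth of redundancy per level, taken from
# the RAID LEVELS slides (RAID-1 is exactly two drives).
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
REDUNDANT_DRIVES = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundancy)."""
    n = len(drive_sizes)
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    return min(drive_sizes) * (n - REDUNDANT_DRIVES[level])


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Drive holding parity for a stripe row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks drives, one parity block per stripe row."""
    per_row = (n_disks - 1) * unit
    padded = data + bytes(-len(data) % per_row)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), per_row)):
        units = [padded[start + i * unit:start + (i + 1) * unit]
                 for i in range(n_disks - 1)]
        units.insert(parity_disk(row, n_disks), xor_blocks(units))
        for disk, block in zip(disks, units):
            disk.append(block)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover more than one failed drive")
    # Data blocks XOR parity is all zeros, so the missing block is the XOR
    # of the blocks that are left, whether it held data or parity.
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    out = bytearray()
    for row, blocks in enumerate(zip(*disks)):
        p = parity_disk(row, len(disks))
        out += b"".join(b for i, b in enumerate(blocks) if i != p)
    return bytes(out[:length])


def demo():
    """Four-drive array, constructed 100 kiB file, drive 2 fails and is rebuilt."""
    data = bytes(i % 251 for i in range(100 * 1024))  # constructed sample data
    disks = write_raid5(data, n_disks=4)
    lost = disks[2]
    disks[2] = None                      # simulate the drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
```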
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                    Allowable Outage Time
Authentication Server   User could not access Inventory System           8 hours
Database Server         User could not access Inventory System           8 hours
E-mail Server           User could not send e-mail                       2 days
5 Desktop Computers     User could not access Inventory System           8 hours
Hub                     User could not access Inventory System           8 hours
Network Cabling         User could not access Inventory System           8 hours
Electric Power          User could not access Inventory System           8 hours
Printer                 User could not produce Inventory Reports         4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
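Added example (not part of the original slides): the parity technique and the "size of smallest drive*(no. of drives-1)" capacity figures above, worked in Python. It stripes constructed sample data over four simulated disks with a rotating parity block per stripe, rebuilds one failed disk by XOR, and refuses a double failure. The 16-byte block size, the function names and the sample data are assumptions made for this illustration.

```python
# Added illustration: XOR parity with rotating (distributed) parity blocks.
# Block size, disk count and the sample data are constructed for this example.
from functools import reduce

BLOCK = 16  # bytes per block here; the slides' figures use a 16 kiB stripe size
SAMPLE = b"".join(b"txn-%04d;" % i for i in range(20))  # constructed sample records


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Move the parity block one disk to the left on each successive stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, block=BLOCK):
    """Stripe data in blocks over n_disks, storing one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    per_stripe = (n_disks - 1) * block
    data += b"\0" * (-len(data) % per_stripe)  # zero-pad the final stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[offset + i * block: offset + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity_at = parity_disk_for(stripe, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_at else next(remaining))
    return disks


def rebuild(disks):
    """Recreate a failed disk (marked None) from the survivors, stripe by stripe."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity can recover only one failed disk")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    recovered = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [recovered if d is None else d for d in disks]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_at = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != parity_at:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' figures for RAID 0, 1, 3, 4, 5 and 6."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for RAID-%d" % level)
    if level == 0:
        return smallest * n        # 100% when drives are identical (assumed smallest*n otherwise)
    if level == 1:
        return smallest            # 50%: the second drive holds the mirror
    if level == 6:
        return smallest * (n - 2)  # dual parity
    return smallest * (n - 1)      # RAID 3, 4 and 5: one drive's worth of parity


if __name__ == "__main__":
    array = write_array(SAMPLE, 4)
    damaged = list(array)
    damaged[2] = None              # simulate losing one disk
    print(read_array(rebuild(damaged), len(SAMPLE)) == SAMPLE)
    print(usable_capacity(5, [500, 500, 500, 500]))
```

The rebuild works because XOR-ing every block in a stripe, parity included, yields zero, so any one missing block equals the XOR of the rest.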
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
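Added example (not part of the original slides): a small Python model of the parity technique and the RAID-5 layout described above, block-level striping with distributed XOR parity, showing that one lost disk is rebuilt from the survivors while a second loss is not recoverable. The capacity function applies the slides' array-capacity formulas and minimum disk counts; the function names, block size and sample payload are constructed for illustration.

```python
"""RAID-5 in miniature (illustrative model, not a storage driver)."""
from functools import reduce

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
# Number of drives' worth of space given up to mirroring or parity.
REDUNDANCY = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundancy)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS or n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    return smallest * (n - REDUNDANCY[level])


def xor_blocks(blocks):
    """Parity: XOR equal-length blocks together, byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded_len = -(-len(data) // per_stripe) * per_stripe  # round up
    data = data.ljust(padded_len, b"\0")
    disks = [[] for _ in range(n_disks)]
    for stripe in range(padded_len // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise RuntimeError("RAID-5 can rebuild exactly one failed disk, "
                           f"found {len(failed)}")
    survivors = [d for d in disks if d is not None]
    # The XOR of all blocks in a stripe is zero, so the missing block
    # (data or parity) equals the XOR of the blocks that remain.
    return failed[0], [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n, out = len(disks), bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed ledger rows: acct=1001 amt=250.00"  # sample data
    array = raid5_write(payload, n_disks=4, block_size=8)
    array[2] = None                                   # simulate a disk failure
    index, blocks = raid5_rebuild(array)
    array[index] = blocks
    print("recovered:", raid5_read(array, len(payload)) == payload)
    print("RAID-5 capacity of 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```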
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
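Added example (not part of the original slides): a small in-memory model of the parity and RAID-5 slides above, showing block-level striping with distributed XOR parity, rebuilding one failed disk from the survivors, and the array-capacity formulas quoted for each level. The function names, the parity rotation order and the RAID-0/RAID-1 handling of unequal drives are assumptions made for illustration.

```python
"""Teaching sketch of RAID-5: striping, distributed XOR parity, single-disk rebuild."""
from functools import reduce


def xor_blocks(blocks):
    """Parity block = byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Index of the disk holding parity for a stripe row.
    Rotating it is what makes the parity 'distributed' (rotation order is assumed)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Split data into stripe-sized blocks over n_disks; one block per row is parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        p = parity_disk(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of the single failed disk from the surviving disks.
    XOR of all other blocks in a row yields the missing one, data or parity."""
    if len(failed) != 1:
        raise RuntimeError("single parity can reconstruct exactly one failed disk")
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed[0]]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length, stripe):
    """Reassemble the original byte stream, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: size of smallest drive * (drives - k)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n        # 100% if drives identical (smallest*n otherwise: assumed)
    if level == 1 and n == 2:
        return smallest            # 50% if drives identical
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)  # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)  # dual parity
    raise ValueError("unsupported level or too few drives")


if __name__ == "__main__":
    payload = b"constructed ledger record;" * 7   # constructed sample data
    array = raid5_write(payload, n_disks=4, stripe=16)
    array[1] = None                                # simulate losing disk 1
    array[1] = raid5_rebuild(array, failed=[1])
    print("recovered intact:", raid5_read(array, len(payload), 16) == payload)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

The same XOR step rebuilds a lost data block or a lost parity block, which is why a second simultaneous failure is unrecoverable at this level and RAID-6 adds a second parity.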
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Likelihood Vulnerability Measure
Cost of Threat
C
of Risk
A Occurrence
D
B
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                             Recovery Priority
Authentication Server                High
Database Server                      High
5 Desktop Computers                  High
1 Hub                                High
E-mail Server                        Medium
Printer                              Medium
Remaining Desktop Computers (45)     Low
Remaining Hub (5)                    Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site      Low           None                 None                Long         Fixed
Warm Site      Medium        Partial              Partial/Full        Medium       Fixed
Hot Site       Medium/High   Full                 Full                Short        Fixed
Mobile Site    High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site  High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
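The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): blocks are striped across four drives with XOR parity, one drive is lost, and its contents are rebuilt from the survivors. The rotating parity placement, the function names and the sample bytes are assumptions made for the illustration.

```python
from functools import reduce
from operator import xor

# Constructed sample input (not from the slides): 100 bytes of "ledger" data.
SAMPLE = b"".join(b"txn%04d;" % i for i in range(12)) + b"END!"


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed layout: parity starts on the last drive and rotates backwards."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Block-level striping with distributed parity.

    Returns one list of blocks per drive. Each stripe holds n_drives - 1
    data blocks and one parity block.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        parity_drive = parity_drive_for(stripe, n_drives)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == parity_drive else next(data_blocks))
    return drives


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) from the survivors.

    XOR of all surviving blocks in a stripe equals the missing block,
    whether that block held data or parity. Two failures are not recoverable
    with single parity, so that case is rejected.
    """
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity recovers exactly one failed drive")
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]
    return failed[0], rebuilt


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for stripe, blocks in enumerate(zip(*drives)):
        parity_drive = parity_drive_for(stripe, n_drives)
        for d, block in enumerate(blocks):
            if d != parity_drive:
                out += block
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as given on the slides:
    size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4, block_size=16)
    array[2] = None                      # simulate loss of drive 2
    index, blocks = raid5_rebuild(array)
    array[index] = blocks
    print("recovered:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("usable GB of 4 x 500:", usable_capacity([500, 500, 500, 500]))
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the later slide; the rebuild shown here covers single parity only.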
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
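Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Table values (row and column positions lost in extraction): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings listed: High, Moderate, Very High, Low, Very Low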
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
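An added example (not part of the original slides) of how the three techniques differ at restore time: given a backup catalog, it returns the media that must be retrieved, in order, and the day that can actually be recovered when some media turn out to be unreadable. The catalog layout, the function names and the media labels are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple


@dataclass(frozen=True)
class Backup:
    day: int     # day number on which the backup was taken
    kind: str    # "full", "incremental" or "differential"
    label: str   # media label (constructed sample values)


def restore_chain(catalog: List[Backup], target_day: int,
                  unreadable: FrozenSet[str] = frozenset()) -> Tuple[List[str], int]:
    """Return (media labels in restore order, day actually recovered).

    full         - self-contained copy of everything
    differential - changes since the last full: need the full + the latest one
    incremental  - changes since the previous backup: need the full + every one
    """
    usable = sorted((b for b in catalog if b.day <= target_day), key=lambda b: b.day)
    fulls = [b for b in usable if b.kind == "full" and b.label not in unreadable]
    if not fulls:
        raise ValueError("no readable full backup on or before the target day")
    base = fulls[-1]

    # Only backups taken after the base and before the next full depend on it.
    later = []
    for b in usable:
        if b.day <= base.day:
            continue
        if b.kind == "full":
            break
        later.append(b)

    kinds = {b.kind for b in later}
    if kinds - {"incremental", "differential"}:
        raise ValueError("unknown backup kind in catalog")
    if len(kinds) > 1:
        raise ValueError("mixed incremental/differential cycles are not modelled")

    chain = [base]
    if kinds == {"differential"}:
        # Any single readable differential is enough; take the most recent.
        readable = [b for b in later if b.label not in unreadable]
        if readable:
            chain.append(readable[-1])
    elif kinds == {"incremental"}:
        # The chain is only as long as its first unreadable link.
        for b in later:
            if b.label in unreadable:
                break
            chain.append(b)
    return [b.label for b in chain], chain[-1].day


def weekly_cycle(kind: str) -> List[Backup]:
    """Constructed sample: full on day 1, then one `kind` backup on days 2 to 6."""
    prefix = "INC" if kind == "incremental" else "DIF"
    return [Backup(1, "full", "FULL-01")] + [
        Backup(d, kind, f"{prefix}-{d:02d}") for d in range(2, 7)
    ]


if __name__ == "__main__":
    for kind, bad in (("incremental", "INC-04"), ("differential", "DIF-04")):
        print(kind, "all media readable:", restore_chain(weekly_cycle(kind), 6))
        print(kind, "with", bad, "unreadable:",
              restore_chain(weekly_cycle(kind), 6, frozenset({bad})))
```

The incremental cycle needs six media for a day-6 restore and falls back to day 3 if the day-4 medium is unreadable; the differential cycle needs two media and is unaffected by the same loss.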
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
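The parity technique and the array capacity figures from the RAID level slides, worked through as an added Python example that is not part of the original slides. The function names, the rotating parity layout, the zero padding of the last stripe row and the sample payload are assumptions made for the illustration.

```python
from functools import reduce

# Minimum disk counts and parity overhead as listed on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
PARITY_DISKS = {3: 1, 4: 1, 5: 1, 6: 2}


def array_capacity(level, drive_sizes):
    """Usable capacity for a RAID level, in the same unit as drive_sizes."""
    if level not in MIN_DISKS:
        raise ValueError(f"unsupported RAID level {level}")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 0:
        return smallest * n      # striping only: 100% efficiency, no redundancy
    if level == 1:
        return smallest          # mirroring: 50% efficiency
    return smallest * (n - PARITY_DISKS[level])   # smallest * (no. of drives - 1 or 2)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding parity for a stripe row; rotates one disk per row (assumed layout)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity; returns one block list per disk."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    row_bytes = block_size * (n_disks - 1)
    data = data + b"\x00" * (-len(data) % row_bytes)   # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity, p = xor_blocks(chunks), parity_disk(row, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Return the array with a failed disk (marked None) recomputed from the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError(f"RAID-5 tolerates one failed disk, not {len(failed)}")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    # In every row, the missing block (data or parity) is the XOR of all the others.
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping the parity block of each row."""
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[row]
    return bytes(out[:length])


def demo():
    """Write constructed data to a 4-disk array, lose one disk, rebuild, read back."""
    payload = bytes(range(200))          # constructed sample data
    disks = raid5_write(payload, n_disks=4, block_size=16)
    disks[2] = None                      # simulate a single drive failure
    return raid5_read(raid5_rebuild(disks), len(payload)) == payload


if __name__ == "__main__":
    print("rebuilt after single failure:", demo())
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity(5, [500] * 4), "GB")
```

A second failed disk makes `raid5_rebuild` raise, which is the single-parity limit that the dual distributed parity of RAID-6 addresses.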
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
mainframe computer
minicomputer
microcomputer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining and executing the contingency
plan lies with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for the health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
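The parity calculation and the array capacity rules from the RAID slides above, as an added Python illustration (not part of the original deck): data is striped in blocks with one rotating XOR parity block per stripe, and a single failed disk is rebuilt from the survivors. The sample payload, the function names, the 4-byte block size and the parity rotation order are assumptions chosen for this example.

```python
"""RAID-5 style striping with rotating XOR parity, plus the slides' capacity rules."""
from functools import reduce
from operator import xor

# Constructed sample payload (not real data).
SAMPLE = b"constructed ledger rows: acct=1001 amt=250; acct=1002 amt=975;"


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across disks so no single disk holds all parity."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, block_size=4):
    """Return one list of blocks per disk; each stripe has n-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the final stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(data_blocks))
    return disks


def raid5_rebuild(disks):
    """Rebuild a single failed disk (marked None) from the surviving disks."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise ValueError("RAID-5 cannot recover from more than one failed disk")
    if not failed:
        return list(disks)
    survivors = [disk for disk in disks if disk is not None]
    # XOR of every surviving block in a stripe equals the missing block,
    # whether the missing block held data or parity.
    rebuilt = [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]
    return [rebuilt if disk is None else disk for disk in disks]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block in each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Usable array capacity using the rules stated on the RAID level slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    # level -> (minimum disks, number of drives' worth of usable space).
    # RAID-0 with unequal drives is an assumption here: every member is
    # treated as being as large as the smallest drive.
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}
    if level not in rules:
        raise ValueError(f"no capacity rule on the slides for RAID-{level}")
    minimum, data_drives = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    return smallest * data_drives


if __name__ == "__main__":
    array = raid5_write(SAMPLE)
    damaged = list(array)
    damaged[1] = None  # simulate the loss of one disk
    recovered = raid5_read(raid5_rebuild(damaged), len(SAMPLE))
    print("recovered after single-disk failure:", recovered == SAMPLE)
    for lvl, sizes in [(0, [500] * 4), (5, [500] * 4), (6, [500] * 4)]:
        print(f"RAID-{lvl} usable capacity:", usable_capacity(lvl, sizes))
```

Losing a second disk before the rebuild finishes raises an error in `raid5_rebuild`, which is the case the dual parity of RAID-6 is meant to cover.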
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
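One way to check a network design for single points of failure, as an added example that is not part of the original slides: each device is failed in turn and a breadth-first search tests whether every client still reaches the service. The topology, device names and function names are assumptions, loosely following the Hub and Database Server rows of the outage table earlier in the deck.

```python
from collections import deque


def reachable(links, start, failed=None):
    """Return every node reachable from `start` when device `failed` is down."""
    adjacency = {}
    for a, b in links:
        if failed in (a, b):
            continue  # a failed device takes all of its links with it
        adjacency.setdefault(a, set()).add(b)
        adjacency.setdefault(b, set()).add(a)
    seen, queue = {start}, deque([start])
    while queue:
        for neighbour in adjacency.get(queue.popleft(), ()):
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append(neighbour)
    return seen


def single_points_of_failure(links, clients, service):
    """Map each intermediate device to the clients it would cut off if it failed.

    Only device failures are simulated; to test a cable run, model the cable
    as its own node between the two devices it joins.
    """
    devices = {n for link in links for n in link} - set(clients) - {service}
    findings = {}
    for device in sorted(devices):
        alive = reachable(links, service, failed=device)
        cut_off = sorted(c for c in clients if c not in alive)
        if cut_off:
            findings[device] = cut_off
    return findings


# Constructed topologies (hypothetical names, not taken from the slides).
CLIENTS = ["desktop-1", "desktop-2"]
SERVICE = "database-server"

# Every desktop reaches the server through one hub.
SINGLE_HUB = [
    ("desktop-1", "hub-1"),
    ("desktop-2", "hub-1"),
    ("hub-1", SERVICE),
]

# A second hub was added, but only desktop-1 was cabled to it.
PARTLY_REDUNDANT = SINGLE_HUB + [
    ("desktop-1", "hub-2"),
    ("hub-2", SERVICE),
]

# Redundant cabling and devices: every desktop is dual-homed.
FULLY_REDUNDANT = PARTLY_REDUNDANT + [("desktop-2", "hub-2")]

if __name__ == "__main__":
    for name, links in [("single hub", SINGLE_HUB),
                        ("partly redundant", PARTLY_REDUNDANT),
                        ("fully redundant", FULLY_REDUNDANT)]:
        print(name, "->", single_points_of_failure(links, CLIENTS, SERVICE))
```

The partly redundant case is the one worth noticing: a spare device exists, yet one client still depends on a single hub because it was never cabled to the second one.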
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
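The parity-based levels on these slides (RAID-3, 4 and 5) all recover a lost drive by XOR-ing the surviving chunks of each stripe. The sketch below is an added example, not part of the original slides: a toy in-memory RAID-5 with rotating parity, a degraded read, a parity scrub and the slides' capacity formula. Function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, chunk):
    """Stripe data over n_disks with one rotating parity chunk per stripe.
    Returns a list of disks; each disk is a list of chunks (bytes)."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * chunk
    padded = data + b"\0" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        row = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        chunks = [row[i * chunk:(i + 1) * chunk] for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        p = parity_disk_for(stripe, n_disks)
        data_chunks = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_chunks))
    return disks


def raid5_read(disks, length):
    """Read the data back. A failed disk is represented by None; its chunks
    are rebuilt as the XOR of the surviving chunks in the same stripe."""
    n_disks = len(disks)
    failed = [d for d, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates only one failed disk")
    n_stripes = len(next(disk for disk in disks if disk is not None))
    out = bytearray()
    for stripe in range(n_stripes):
        row = [None if disk is None else disk[stripe] for disk in disks]
        if failed:
            survivors = [c for c in row if c is not None]
            row[failed[0]] = xor_blocks(survivors)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += row[d]
    return bytes(out[:length])


def scrub(disks):
    """Return the stripe numbers whose chunks do not XOR to zero, i.e. where
    data and parity disagree (silent corruption or an interrupted write)."""
    bad = []
    for stripe in range(len(disks[0])):
        row = [disk[stripe] for disk in disks]
        if any(xor_blocks(row)):
            bad.append(stripe)
    return bad


if __name__ == "__main__":
    # Constructed sample data standing in for a small financial file.
    payload = bytes(range(256)) * 3 + b"ledger"
    array = raid5_write(payload, n_disks=4, chunk=16)
    print("stripes written:", len(array[0]))
    print("scrub on healthy array:", scrub(array))

    degraded = list(array)
    degraded[2] = None  # simulate loss of one drive
    print("degraded read intact:", raid5_read(degraded, len(payload)) == payload)

    # Usable capacity for four drives of 500, 500, 400 and 500 units.
    print("RAID-5 capacity:", array_capacity([500, 500, 400, 500]))
    print("RAID-6 capacity:", array_capacity([500, 500, 400, 500], parity_drives=2))
```

A second failed drive makes `raid5_read` raise, which is the single-failure limit behind the "Fault tolerance good" rating for RAID-5 compared with "very good" for RAID-6.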
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
[Table of sample scores; risk rankings shown: High, Moderate, Very High, Low, Very Low]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
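The parity and RAID-5 slides above, worked through as an added Python example that is not part of the original slides: block-level striping with XOR parity rotated across the disks, rebuild of a single failed disk, and the array-capacity formula. The function names, the parity rotation order and the sample payload are assumptions made for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity.

Added illustration; function names, the parity rotation order and the
sample payload are assumptions, not taken from the slides.
"""
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk that holds parity for a given stripe (assumed rotation)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, stripe_size):
    """Split data into stripes; return one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = stripe_size * (n_disks - 1)        # data bytes per stripe
    data = data + bytes(-len(data) % per_stripe)    # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[start + i * stripe_size:start + (i + 1) * stripe_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all blocks in a stripe (data plus parity) is zero, so the
    missing block equals the XOR of the blocks that are still readable.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block per stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        skip = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != skip:
                out += disks[disk][stripe]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, 2 the RAID-6 figure.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Lose one drive of a four-disk array, rebuild it, read the data back."""
    payload = bytes(range(256)) * 3 + b"constructed sample record"
    disks = raid5_write(payload, n_disks=4, stripe_size=16)
    disks[2] = None                              # simulate a failed drive
    disks[2] = raid5_rebuild(disks, failed=2)    # rebuild from the other three
    return raid5_read(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuilt array readable:", demo())
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity([500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", array_capacity([500] * 4, 2), "GB")
```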
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 147
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Likelihood Vulnerability Measure
Cost of Threat
C
of Risk
A Occurrence
D
B
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
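Added example, not part of the original slides: a small Python model of the PARITY and RAID-5 slides, showing block-level striping with rotating XOR parity on a four-disk array with a 16 kiB stripe, the rebuild of one failed disk from the survivors, and the capacity formulas from the RAID LEVELS slides. The function names, the parity rotation order, the sample file and the drive sizes are assumptions made for illustration.

```python
STRIPE = 16 * 1024  # 16 kiB stripe unit, as in the slides' illustrations


def xor_blocks(blocks):
    """XOR equal-length byte blocks together: the RAID parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(row, n_disks):
    """Disk holding parity for a given row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks=4, stripe=STRIPE):
    """Stripe data across n_disks; each row has n_disks-1 data units + 1 parity."""
    per_row = n_disks - 1
    row_bytes = per_row * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad to whole rows
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        units = [padded[off + i * stripe: off + (i + 1) * stripe]
                 for i in range(per_row)]
        parity = xor_blocks(units)
        pending = iter(units)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk(row, n_disks)
                            else next(pending))
    return disks


def rebuild(disks, failed):
    """Recreate every unit of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_units) for row_units in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity unit in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Usable capacity per the slides: smallest drive * (n - parity drives)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("level not modelled here")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for RAID-%d" % level)
    if level == 0:
        return smallest * n        # striping only, no redundancy
    if level == 1:
        return smallest            # mirror pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID-3/4/5: one drive's worth of parity


def demo():
    """Lose one disk of a four-disk array and recover it from parity."""
    data = bytes(i % 251 for i in range(100 * 1024))  # constructed 100 kiB file
    disks = raid5_write(data)
    lost, disks[1] = disks[1], None                    # simulate a drive failure
    disks[1] = rebuild(disks, 1)
    return disks[1] == lost, raid5_read(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuilt disk matches, data intact:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity(6, [500] * 4), "GB")
```

Because every row XORs to zero across all four disks, the same rebuild routine restores a lost data unit or a lost parity unit; a second simultaneous failure leaves two unknowns per row, which is the gap RAID-6's second parity closes.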
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 148
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Cell values as extracted: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
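Added example (not part of the original slides): which media a restore needs under the three techniques listed above, and how far back the restore point falls when one piece of media is unreadable. It assumes the usual definitions (an incremental holds changes since the previous full or incremental, a differential holds changes since the last full); the catalogue entries, labels and dates are constructed, and a mixed schedule is handled conservatively by taking the better of the two chains.

```python
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class Backup:
    label: str             # media label (constructed for this example)
    kind: str              # "full", "incremental" or "differential"
    taken: datetime
    readable: bool = True  # False: media lost, expired or failed verification


def restore_plan(catalog, target):
    """Return (restore_point, labels_in_restore_order) for the latest state at
    or before `target` that the readable media can rebuild."""
    past = sorted((b for b in catalog if b.taken <= target), key=lambda b: b.taken)
    fulls = [b for b in past if b.kind == "full"]
    # Newest full first. An unreadable full invalidates its whole cycle,
    # so fall back to the previous cycle.
    for i in range(len(fulls) - 1, -1, -1):
        full = fulls[i]
        if not full.readable:
            continue
        cycle_end = fulls[i + 1].taken if i + 1 < len(fulls) else None
        cycle = [b for b in past
                 if b.taken > full.taken and (cycle_end is None or b.taken < cycle_end)]
        # Option 1: the full plus every incremental in order. One unreadable
        # incremental ends the chain, because later ones build on it.
        inc_chain = [full]
        for b in cycle:
            if b.kind != "incremental":
                continue
            if not b.readable:
                break
            inc_chain.append(b)
        # Option 2: the full plus only the newest readable differential.
        diffs = [b for b in cycle if b.kind == "differential" and b.readable]
        diff_chain = [full, diffs[-1]] if diffs else [full]
        best = max(inc_chain, diff_chain, key=lambda chain: chain[-1].taken)
        return best[-1].taken, [b.label for b in best]
    raise LookupError("no readable full backup at or before the target time")


def jan(day, hour=23):
    """Constructed timestamps in January 2024 (7 Jan 2024 is a Sunday)."""
    return datetime(2024, 1, day, hour)


# Constructed catalogues: full on Sunday night, nightly backups Monday to
# Thursday, Wednesday's media unreadable, disaster on Friday morning.
DISASTER = jan(12, 9)
INCREMENTAL_SITE = [
    Backup("FULL-SUN", "full", jan(7)),
    Backup("INC-MON", "incremental", jan(8)),
    Backup("INC-TUE", "incremental", jan(9)),
    Backup("INC-WED", "incremental", jan(10), readable=False),
    Backup("INC-THU", "incremental", jan(11)),
]
DIFFERENTIAL_SITE = [
    Backup("FULL-SUN", "full", jan(7)),
    Backup("DIFF-MON", "differential", jan(8)),
    Backup("DIFF-TUE", "differential", jan(9)),
    Backup("DIFF-WED", "differential", jan(10), readable=False),
    Backup("DIFF-THU", "differential", jan(11)),
]

if __name__ == "__main__":
    for name, site in (("incremental", INCREMENTAL_SITE),
                       ("differential", DIFFERENTIAL_SITE)):
        point, media = restore_plan(site, DISASTER)
        print(f"{name:12} restore point {point:%a %d %b %H:%M}  media {media}")
```

With the same unreadable Wednesday media, the incremental schedule can only be restored to Tuesday night using three pieces of media, while the differential schedule reaches Thursday night using two.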
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding the security and
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organizations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk requirement: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
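The PARITY slide and the RAID-5 slide above, worked through as an added example (not part of the original deck): block-level striping with distributed XOR parity, rebuilding a failed disk from the survivors, plus the array capacity formulas from the RAID level slides. The function names, the parity rotation order, the RAID-0 figure for non-identical drives and the sample data are assumptions made for this illustration.

```python
"""Block striping with distributed XOR parity (RAID-5 style). Added example."""
from functools import reduce

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas; sizes in any single unit."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS:
        raise ValueError("level not covered by the slide formulas")
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    if level == 0:
        return smallest * n          # no redundancy (assumes equal striping)
    if level == 1:
        return smallest              # mirroring: 50% storage efficiency
    if level == 6:
        return smallest * (n - 2)    # dual parity
    return smallest * (n - 1)        # RAID-3/4/5: one disk's worth of parity


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe (rotation order is assumed)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe gets one rotating parity block."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\0" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk (None) from the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    # XOR of all surviving blocks in a stripe yields the missing block,
    # whether that block held data or parity.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length, block_size):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n, out = len(disks), bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Write constructed sample data, lose disk 2, rebuild it, read data back."""
    data = b"".join(b"txn %04d credit 100.00\n" % i for i in range(10))
    disks = write_raid5(data, n_disks=4, block_size=16)
    lost = disks[2]
    disks[2] = None                      # simulate a single drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_raid5(disks, len(data), 16) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
```

A second simultaneous failure raises an error in rebuild_disk, which is the limit RAID-6 addresses with its dual parity.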
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values (row alignment not preserved in this transcript): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone numbers
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          | Recovery Priority
Authentication Server             | High
Database Server                   | High
5 Desktop Computers               | High
1 Hub                             | High
E-mail Server                     | Medium
Printer                           | Medium
Remaining Desktop Computers (45)  | Low
Remaining Hub (5)                 | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site          | Cost        | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site     | Low         | None               | None              | Long       | Fixed
Warm Site     | Medium      | Partial            | Partial/Full      | Medium     | Fixed
Hot Site      | Medium/High | Full               | Full              | Short      | Fixed
Mobile Site   | High        | Dependent          | Dependent         | Dependent  | Not Fixed
Mirrored Site | High        | Full               | Full              | None       | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
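The parity technique and the RAID-5 rules on the slides above (block-level striping, distributed parity, capacity of smallest drive × (no. of drives − 1)), as an added Python example that is not part of the original slides. The 4-byte stripe unit, the parity rotation order, the sample record and all function names are assumptions chosen for illustration; real arrays use stripe units of several kiB.

```python
"""Added example: block-level striping with distributed XOR parity (RAID 5 style)."""
from functools import reduce

STRIPE = 4  # bytes per stripe unit (assumption, kept tiny so the layout is readable)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte strings column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide rules; sizes in any one unit (e.g. GB)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n          # no redundancy, 100% efficiency if identical
    if level == 1:
        return smallest              # mirroring, 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID 3/4/5: one drive's worth of parity


def parity_drive_for(row, n_drives):
    """Rotate the parity unit across drives so no single drive holds all parity."""
    return (n_drives - 1 - row) % n_drives


def write_raid5(data, n_drives):
    """Stripe data over n_drives and return the content of each drive."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = STRIPE * (n_drives - 1)
    padded = data.ljust(-(-len(data) // per_row) * per_row, b"\0")
    drives = [bytearray() for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        units = [padded[off + i * STRIPE: off + (i + 1) * STRIPE]
                 for i in range(n_drives - 1)]
        units.insert(parity_drive_for(row, n_drives), xor_blocks(units))
        for drive, unit in zip(drives, units):
            drive += unit
    return drives


def rebuild(drives, failed):
    """Recompute one failed drive as the XOR of all surviving drives."""
    survivors = [bytes(d) for i, d in enumerate(drives) if i != failed]
    return bytearray(xor_blocks(survivors))


def read_raid5(drives, length):
    """Reassemble the original data, skipping the parity unit in each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0]) // STRIPE):
        skip = parity_drive_for(row, n)
        for i in range(n):
            if i != skip:
                out += drives[i][row * STRIPE:(row + 1) * STRIPE]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"constructed sample: inventory ledger, 1187 units"  # constructed input
    array = write_raid5(record, 4)
    array[2] = None                       # simulate the loss of one drive
    array[2] = rebuild(array, failed=2)   # fault tolerance: one drive can be rebuilt
    print(read_raid5(array, len(record)))
    print(usable_capacity(5, [500, 500, 500, 500]), "GB usable from 4 x 500 GB")
```

A second simultaneous drive failure leaves two unknowns per row and a single parity equation, which is why the slides rate RAID-5 fault tolerance as good and RAID-6, with dual parity, as very good.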
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource              | Outage Impact                                | Allowable Outage Time
Authentication Server | User could not access Inventory System       | 8 hours
Database Server       | User could not access Inventory System       | 8 hours
E-mail Server         | User could not send e-mail                   | 2 days
5 Desktop Computers   | User could not access Inventory System       | 8 hours
Hub                   | User could not access Inventory System       | 8 hours
Network Cabling       | User could not access Inventory System       | 8 hours
Electric Power        | User could not access Inventory System       | 8 hours
Printer               | User could not produce Inventory Reports     | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization’s employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal Agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
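Added example (not part of the original presentation): a small Python model of the PARITY and RAID-5 slides, showing block-level striping with distributed XOR parity, the rebuild of one failed disk from the survivors, and the array capacity formula. Function names, the parity rotation order and the sample data are assumptions made for illustration; real controllers use their own layouts.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity.
Added example; function names and the parity rotation order are assumptions."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe. It rotates from stripe to
    stripe, so there is no dedicated parity disk as in RAID-3/RAID-4."""
    return (n_disks - 1 - stripe) % n_disks


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 for RAID-3/4/5, parity_drives=2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks. Returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    # Pad the tail so the last stripe is full; the reader trims it again.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            if disk == parity_disk(stripe, n_disks):
                disks[disk].append(xor_blocks(data_blocks))
            else:
                disks[disk].append(next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Rebuild a failed disk. In every stripe the missing block, data or
    parity, equals the XOR of the blocks on the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample data standing in for accounting records.
    data = b"constructed ledger record 0001;" * 5
    disks = write_raid5(data, n_disks=4, block_size=16)

    disks[2] = None                      # simulate the loss of one drive
    disks[2] = rebuild_disk(disks, 2)    # rebuild it from the other three
    print("data intact after rebuild:", read_raid5(disks, len(data)) == data)

    # Four drives of 500 GB: RAID-5 keeps 3 drives' worth, RAID-6 keeps 2.
    print("RAID-5 capacity:", array_capacity([500] * 4), "GB")
    print("RAID-6 capacity:", array_capacity([500] * 4, parity_drives=2), "GB")
```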
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Scores (table layout not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization’s employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection
and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: Striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: None
Cost: Lowest of all RAID levels
Recommended uses: Non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: Mirroring
Exactly 2 hard disks
Fault tolerance: Very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: Applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: Only fair
Cost: Very expensive
Recommended use: Not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: Good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: Good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: Good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
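Added worked example (not part of the original slides): a small Python model of the PARITY technique and of RAID-5 block level striping with distributed parity described above. It shows XOR parity rebuilding one failed drive, a second failure being unrecoverable, and the slides' array-capacity formula. The function names, the 16-byte stripe size and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the RAID parity operation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(row, n_drives):
    """Rotate the parity block across drives so no one drive holds all parity."""
    return (n_drives - 1 - row) % n_drives


def write_raid5(data, n_drives=4, stripe_size=16):
    """Return one list of blocks per drive: striped data plus rotating parity."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    row_bytes = stripe_size * (n_drives - 1)
    padded = data + bytes(-len(data) % row_bytes)   # zero-pad the last row
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe_size:start + (i + 1) * stripe_size]
                  for i in range(n_drives - 1)]
        parity, data_blocks = xor_blocks(chunks), iter(chunks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(row, n_drives)
            drives[d].append(parity if is_parity else next(data_blocks))
    return drives


def read_raid5(drives, length):
    """Read the array back; a failed drive is passed as None and rebuilt by XOR."""
    failed = [d for d, blocks in enumerate(drives) if blocks is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot rebuild more than one failed drive")
    n = len(drives)
    rows = len(next(b for b in drives if b is not None))
    out = bytearray()
    for row in range(rows):
        blocks = [None if d in failed else drives[d][row] for d in range(n)]
        if failed:
            # The missing block is the XOR of every surviving block in the row.
            blocks[failed[0]] = xor_blocks([b for b in blocks if b is not None])
        p = parity_drive_for(row, n)
        out += b"".join(b for d, b in enumerate(blocks) if d != p)
    return bytes(out[:length])


def scrub(drives):
    """Return the rows whose blocks do not XOR to zero (data and parity disagree)."""
    return [row for row in range(len(drives[0]))
            if any(xor_blocks([d[row] for d in drives]))]


if __name__ == "__main__":
    # Constructed sample data, not taken from the slides.
    sample = b"".join(b"ledger-entry-%04d;" % i for i in range(40))
    array = write_raid5(sample)
    degraded = list(array)
    degraded[2] = None                      # simulate one failed drive
    print("healthy read ok :", read_raid5(array, len(sample)) == sample)
    print("degraded read ok:", read_raid5(degraded, len(sample)) == sample)
    print("RAID-5, 4 x 500 GB:", array_capacity([500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", array_capacity([500] * 4, 2), "GB usable")
```

A scrub that reports a mismatching row cannot tell which block in that row is wrong. Parity restores availability after a known drive loss; it does not replace the backup strategies covered later in the deck.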
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: Very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: Very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: Very good for RAID-01, excellent for RAID-10
Random read performance: Very good
Random write performance: Good
Fault tolerance: Very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
[Diagram relating: Threats, Controls, Vulnerabilities, Risks, Security Arrangements, Assets, Asset Value, Potential Impact on Business]
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
at an acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Table values (row and column positions not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings listed: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
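The parity and RAID-5 slides above, worked through as an added Python example (not part of the original slides): it stripes data across disks with a rotating XOR parity block, rebuilds a failed disk from the survivors, and applies the array-capacity formulas the slides give. The function names, the parity rotation order and the sample data are assumptions of this sketch; real controllers differ in layout.

```python
"""RAID-5 style block striping with distributed XOR parity (illustrative sketch)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding the parity block of a stripe row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Split data into stripe-sized blocks, one parity block per row on a rotating disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk(row, n_disks):
                disks[d].append(xor_blocks(chunks))  # redundancy information
            else:
                disks[d].append(next(data_blocks))   # actual data
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recover every block of one failed disk as the XOR of the surviving blocks
    in the same row. Works for exactly one failure; a second loss is fatal."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (n-1) for RAID 3/4/5 and
    smallest drive * (n-2) for RAID 6. RAID 0 and 1 follow from the stated
    100% and 50% storage efficiency."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in minimum:
        raise ValueError("level not covered by this sketch")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of hard disks for this RAID level")
    if level == 0:
        return smallest * n
    if level == 1:
        return smallest
    if level == 6:
        return smallest * (n - 2)
    return smallest * (n - 1)


if __name__ == "__main__":
    sample = b"constructed sample payload for the RAID-5 demo " * 5
    disks = raid5_write(sample, n_disks=4, stripe=16)
    lost = disks[2]
    disks[2] = None                              # simulate a single disk failure
    disks[2] = rebuild_disk(disks, failed=2)
    print("rebuilt disk matches:", disks[2] == lost)
    print("data intact:", raid5_read(disks, len(sample)) == sample)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```
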
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 155
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
The idea of a DRP is to think before events
actually happen:
How likely is the event
What can be done when it happens
What can be done to lessen the
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify in advance critical functions
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because the
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
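The parity and RAID-5/RAID-6 slides above describe redundancy information calculated from the data, block-level striping with distributed parity, and the array capacity formulas. The Python sketch below is an added example, not part of the original slides: it stripes a constructed byte string across in-memory "drives", rebuilds one failed drive by XOR, and applies the slides' capacity figures. All function names, the sample data and the parity rotation order are assumptions made for illustration.

```python
# Added example, not from the original slides: in-memory RAID-5 style array.
from functools import reduce

SAMPLE = b"CONSTRUCTED-LEDGER-ROW;" * 9  # constructed sample data, 207 bytes


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive, moves left each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block_size):
    """Stripe data in blocks over n_drives, one parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\0" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        p = parity_drive_for(stripe, n_drives)
        remaining = iter(data_blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def read_raid5(drives, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute a failed drive: each lost block is the XOR of the survivors."""
    survivors = [d for i, d in enumerate(drives) if i != failed and d is not None]
    if len(survivors) != len(drives) - 1:
        raise RuntimeError("single parity cannot recover more than one failed drive")
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def simulate_failure(data, n_drives, block_size, failed):
    """Write data, lose one drive, rebuild it, and return the data read back."""
    drives = write_raid5(data, n_drives, block_size)
    drives[failed] = None                       # the drive is gone
    drives[failed] = rebuild_drive(drives, failed)
    return read_raid5(drives, len(data))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' figures for each RAID level."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:
        return smallest * n          # 100% efficiency if drives identical
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest              # 50% efficiency if drives identical
    if level in (3, 4, 5):
        if n < 3:
            raise ValueError("minimum 3 hard disks")
        return smallest * (n - 1)    # size of smallest drive * (no. of drives - 1)
    if level == 6:
        if n < 4:
            raise ValueError("minimum 4 hard disks")
        return smallest * (n - 2)    # size of smallest drive * (no. of drives - 2)
    raise ValueError("level not covered by this example")


if __name__ == "__main__":
    recovered = simulate_failure(SAMPLE, n_drives=4, block_size=16, failed=2)
    print("data intact after rebuild:", recovered == SAMPLE)
    print("RAID-5 capacity, 4 drives (500,500,500,400):",
          usable_capacity(5, [500, 500, 500, 400]))
```

A second simultaneous drive loss makes `rebuild_drive` raise, which is the single-parity limit that RAID-6's dual parity is meant to address.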
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because the cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D (A+B+C) | Risk Ranking (E)
Slide values (row alignment not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings on the slide: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
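Added example (not part of the original slides): the capacity rules and the parity technique from the RAID slides above, worked in Python, with a RAID-5 disk rebuilt from the survivors. The rotation order in parity_disk and the sample record are assumptions made for illustration; the failures-survived figures are the standard ones for each level.

```python
"""Usable capacity and XOR-parity rebuild for the RAID levels listed above."""
from functools import reduce

# level: (minimum disks, data-disk count for n disks, disk failures survived).
# Disk counts and capacity rules are the slides'; the failure counts are the
# standard figures behind "fault tolerance none / good / very good".
RAID_RULES = {
    "RAID-0": (2, lambda n: n, 0),
    "RAID-1": (2, lambda n: 1, 1),
    "RAID-3": (3, lambda n: n - 1, 1),
    "RAID-4": (3, lambda n: n - 1, 1),
    "RAID-5": (3, lambda n: n - 1, 1),
    "RAID-6": (4, lambda n: n - 2, 2),
}


def usable_capacity(level, drive_sizes):
    """Size of smallest drive * number of data disks, as on the slides."""
    min_disks, data_disks, _ = RAID_RULES[level]
    n = len(drive_sizes)
    if n < min_disks or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} disks")
    return min(drive_sizes) * data_disks(n)


def survives(level, failed_disks):
    """True if the array still serves data after this many disk failures."""
    return failed_disks <= RAID_RULES[level][2]


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Distributed parity: the parity chunk moves one disk per stripe.
    The rotation direction is an assumption; real controllers differ."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, chunk):
    """Split data into stripes of (n_disks - 1) chunks plus one parity chunk."""
    per_stripe = (n_disks - 1) * chunk
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        remaining = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk(stripe, n_disks):
                disks[d].append(xor_blocks(chunks))
            else:
                disks[d].append(next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate the failed disk: each lost chunk is the XOR of the chunks
    at the same stripe on every surviving disk (data or parity alike)."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Concatenate the data chunks of every stripe, skipping parity."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    data = b"constructed sample ledger record; " * 12   # constructed input
    array = raid5_write(data, n_disks=4, chunk=16)
    array[2] = raid5_rebuild(array, failed=2)            # replace failed disk
    print(raid5_read(array, len(data)) == data)
    print(usable_capacity("RAID-5", [500, 500, 500, 500]), "GB usable")
    print(survives("RAID-5", 2), survives("RAID-6", 2))
```

A second disk failure during a RAID-5 rebuild exceeds the level's tolerance, so the array does not replace the off-site backup media covered earlier in the deck.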
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for the health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that, as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 158
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Cell values as extracted (row and column positions lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
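Added example (not from the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed XOR parity, showing that any one failed disk can be rebuilt from the survivors and applying the slides' array-capacity formula. The function names, the parity rotation order and the sample data are assumptions made for the illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity.

Added illustration, not code from the slides. Disks are modelled as Python
lists of equal-sized blocks; function names and the parity rotation order
are assumptions chosen for the example.
"""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block so no single disk holds all parity (RAID-5)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\0" * (-len(data) % stripe_bytes)  # zero-fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), stripe_bytes)):
        chunk = padded[start:start + stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Rebuild one lost disk: each missing block is the XOR of the surviving
    blocks in its stripe, whether it held data or parity."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 for RAID-3/4/5, 2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Single-disk failure is recoverable; a second simultaneous loss is not."""
    data = b"constructed sample ledger rows " * 10   # constructed input
    disks = write_raid5(data, n_disks=4, block_size=16)
    results = {}
    lost = [list(d) for d in disks]
    lost[2] = rebuild_disk(lost, failed=2)           # disk 2 replaced and rebuilt
    results["one_failure_recovered"] = read_raid5(lost, len(data)) == data
    # Two disks gone: XOR of the two survivors cannot reproduce either one.
    two_left = [disks[0], disks[1]]
    guess = [xor_blocks(s) for s in zip(*two_left)]
    results["two_failures_recovered"] = guess == disks[2] or guess == disks[3]
    results["capacity_gb"] = array_capacity([500, 500, 400, 500])
    return results


if __name__ == "__main__":
    print(demo())
```

The rebuild works only while a single disk is missing, which is why parity protects availability but does not replace the backup strategies the later slides cover.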
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk requirement: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 159
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
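Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk, D = A+B+C | Risk Ranking (E)
Risk rankings: High, Moderate, Very High, Low, Very Low
Cell values as extracted (row and column positions lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1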
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
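An added example, not from the original slides: the parity and RAID-5 slides above, worked in Python on the illustration's four-disk array with 16 kiB stripes and its four file sizes. The parity rotation order, the function names and the file contents are assumptions made for this example.

```python
# Added example (not from the slides): RAID 5 as block-level striping with
# distributed XOR parity. Assumptions: parity rotates one disk per stripe row,
# starting on the last disk; all file contents below are constructed.

STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the illustration
DISKS = 4           # four-disk array, as in the illustration


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(row, disks):
    """Disk holding the parity block of a stripe row (assumed rotation)."""
    return (disks - 1 - row) % disks


def write_array(data, disks=DISKS, stripe=STRIPE):
    """Stripe data across the disks; returns one list of blocks per disk."""
    row_bytes = (disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    array = [[] for _ in range(disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(disks - 1)]
        data_iter = iter(chunks)
        for disk in range(disks):
            if disk == parity_disk(row, disks):
                array[disk].append(xor_blocks(chunks))
            else:
                array[disk].append(next(data_iter))
    return array


def read_array(array, length, failed=None):
    """Read the volume; blocks of one failed disk are rebuilt from the others."""
    disks = len(array)
    rows = len(next(d for i, d in enumerate(array) if i != failed))
    out = bytearray()
    for row in range(rows):
        blocks = {d: array[d][row] for d in range(disks) if d != failed}
        if failed is not None:
            # XOR of all surviving blocks (data and parity) is the lost block.
            blocks[failed] = xor_blocks(list(blocks.values()))
        skip = parity_disk(row, disks)
        for d in range(disks):
            if d != skip:
                out += blocks[d]
    return bytes(out[:length])


def scrub(array):
    """Stripe rows whose blocks do not XOR to zero, i.e. inconsistent parity."""
    zero = bytes(len(array[0][0]))
    return [row for row in range(len(array[0]))
            if xor_blocks([disk[row] for disk in array]) != zero]


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def sample_file(kib, seed):
    """Constructed file contents of the given size in KiB."""
    return bytes((i * 31 + seed) % 256 for i in range(kib * 1024))


# The four files of the illustration: 4, 20, 100 and 500 KiB (constructed data).
VOLUME = b"".join(sample_file(k, s) for s, k in enumerate((4, 20, 100, 500)))
ARRAY = write_array(VOLUME)

if __name__ == "__main__":
    for lost in range(DISKS):
        degraded = [None if d == lost else blk for d, blk in enumerate(ARRAY)]
        assert read_array(degraded, len(VOLUME), failed=lost) == VOLUME
    print("stripe rows:", len(ARRAY[0]), "inconsistent rows:", scrub(ARRAY))
```

A scrub reports which stripe row is inconsistent but not which disk holds the bad block, and a second failed disk cannot be rebuilt from single parity.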
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tel. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
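The parity technique and the RAID-5 layout described on the slides above, worked through as an added example that is not part of the original presentation: data is striped in blocks with one rotating XOR parity block per stripe, one drive is lost, and its contents are recomputed from the survivors. The 4-byte block size, the function names and the sample payload are assumptions chosen for illustration.

```python
from functools import reduce

BLOCK = 4  # assumed block size in bytes, tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(stripe, n_drives):
    """Distributed parity: the parity block sits on a different drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives):
    """Stripe data over n_drives; each stripe holds n-1 data blocks and 1 parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * BLOCK
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for d in range(n_drives):
            is_parity = d == parity_position(stripe, n_drives)
            drives[d].append(parity if is_parity else next(remaining))
    return drives


def rebuild(drives):
    """Recompute a single failed drive (marked None) from the surviving drives."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed drive")
    if not failed:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether the missing block held data or parity.
    rebuilt = [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]
    return [rebuilt if d is None else d for d in drives]


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n):
            if d != parity_position(stripe, n):
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed sample: ledger entries 0001-0042"  # constructed input
    array = write_raid5(payload, 4)
    damaged = list(array)
    damaged[2] = None  # simulate the loss of one hard disk
    recovered = read_raid5(rebuild(damaged), len(payload))
    print("recovered intact:", recovered == payload)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the slides; the rebuild shown here covers single parity only.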
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 161
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone numbers
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
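The outage-impact table and the recovery-priority table in this deck can be combined into one BIA calculation. The following is an added example, not part of the original slides: it passes each business function's tolerable downtime on to the resources it needs, bands the result into priorities, and checks a recovery plan against it. The dependency map, the priority bands and the sample plan are constructed assumptions.

```python
"""BIA worked example: allowable outage time and recovery priority per resource."""

# Tolerable downtime per business function, in hours (values from the slide's table).
FUNCTION_TOLERANCE_H = {
    "access Inventory System": 8,
    "send e-mail": 2 * 24,
    "produce Inventory Reports": 4 * 24,
}

# Constructed dependency map (assumption): resources each function needs to run.
FUNCTION_NEEDS = {
    "access Inventory System": [
        "Authentication Server", "Database Server", "5 Desktop Computers",
        "Hub", "Network Cabling", "Electric Power",
    ],
    "send e-mail": ["E-mail Server", "Hub", "Network Cabling", "Electric Power"],
    "produce Inventory Reports": ["Printer", "Database Server"],
}

# Assumed banding, chosen so that it reproduces the slide's High/Medium labels.
PRIORITY_BANDS = [(8, "High"), (4 * 24, "Medium")]


def allowable_outage_hours(tolerance=FUNCTION_TOLERANCE_H, needs=FUNCTION_NEEDS):
    """A shared resource inherits the strictest tolerance of any function it supports."""
    result = {}
    for function, resources in needs.items():
        limit = tolerance[function]
        for resource in resources:
            result[resource] = min(limit, result.get(resource, limit))
    return result


def recovery_priority(hours):
    """Map an allowable outage time to a priority label using the assumed bands."""
    for ceiling, label in PRIORITY_BANDS:
        if hours <= ceiling:
            return label
    return "Low"


def recovery_order(outage):
    """Resources sorted strictest first; ties broken by name so the order is stable."""
    return sorted(outage, key=lambda resource: (outage[resource], resource))


def plan_gaps(outage, planned_restore_hours):
    """Resources whose planned restore time is missing or exceeds the allowable outage."""
    gaps = {}
    for resource, limit in outage.items():
        planned = planned_restore_hours.get(resource)
        if planned is None:
            gaps[resource] = "no restore time documented"
        elif planned > limit:
            gaps[resource] = f"planned {planned}h exceeds allowable {limit}h"
    return gaps


# Constructed recovery-plan commitments (hours to restore) to audit against the BIA.
SAMPLE_PLAN = {
    "Authentication Server": 4, "Database Server": 12, "5 Desktop Computers": 8,
    "Hub": 2, "Network Cabling": 8, "E-mail Server": 24, "Printer": 72,
}

if __name__ == "__main__":
    outage = allowable_outage_hours()
    for resource in recovery_order(outage):
        hours = outage[resource]
        print(f"{resource:22} {hours:>3}h  {recovery_priority(hours)}")
    for resource, reason in plan_gaps(outage, SAMPLE_PLAN).items():
        print("GAP:", resource, "-", reason)
```

Shared infrastructure such as power and cabling ends up with the 8-hour limit even though e-mail alone would tolerate two days, which is why the slide's table lists 8 hours against it.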
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
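The parity technique and the "size of smallest drive * (no. of drives - 1)" capacity rule from the RAID slides, as an added example that is not part of the original deck. Function names, the 4-byte block size, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per stripe block (assumption; the slides' figures use 16 kiB)
SAMPLE = b"ledger 2024: accounts payable batch 17"  # constructed sample data


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block sits on a different disk each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks):
    """Block-level striping: each row holds n-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_row = (n_disks - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        chunk = padded[offset:offset + per_row]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_row, BLOCK)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    n, out = len(disks), bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Rebuild one failed disk (marked None) by XOR-ing the surviving disks."""
    survivors = [d for d in disks if d is not None]
    if disks[failed] is not None or len(survivors) != len(disks) - 1:
        raise RuntimeError("single parity can rebuild exactly one lost disk")
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity following the per-level rules listed on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "1":
        if n != 2:
            raise ValueError("RAID-1 as described uses exactly 2 disks")
        return smallest  # 50% storage efficiency
    # level: (minimum disks, disks' worth of space given up to redundancy)
    minimum, redundancy = {"0": (2, 0), "3": (3, 1), "4": (3, 1),
                           "5": (3, 1), "6": (4, 2)}[level]
    if n < minimum:
        raise ValueError(f"RAID-{level} needs at least {minimum} disks")
    return smallest * (n - redundancy)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, 4)
    damaged = [None if i == 2 else d for i, d in enumerate(array)]
    damaged[2] = raid5_rebuild(damaged, 2)
    print(raid5_read(damaged, len(SAMPLE)))
    print(usable_capacity("5", [500, 500, 400, 500]))
```

Losing a second disk before the rebuild finishes leaves nothing to XOR against, which is the gap RAID-6's second parity block covers.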
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
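The striping and parity slides above, worked through as an added example (not part of the original presentation): data is striped over four drives with rotating parity as in RAID-5, one drive is lost and rebuilt from the survivors, and usable capacity follows the formulas on the RAID level slides. The function names, the 16-byte block size and the sample records are assumptions made for the illustration, and XOR is used as the parity calculation, which the slides do not name.

```python
"""RAID-5 style striping with XOR parity: write, lose one drive, rebuild."""
from functools import reduce

BLOCK = 16  # bytes per block; assumed small value so the layout is easy to inspect

# Constructed sample data standing in for "accounting and other financial data".
SAMPLE = b"".join(b"INV-%04d;qty=%03d\n" % (i, i * 7 % 100) for i in range(40))

# Minimum number of hard disks per level, as given on the RAID level slides.
MIN_DISKS = {"RAID-0": 2, "RAID-1": 2, "RAID-3": 3, "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Distributed parity: the parity block sits on a different drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block=BLOCK):
    """Return one list of blocks per drive (data striped, parity rotating)."""
    if n_drives < MIN_DISKS["RAID-5"]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block
    padded = data + b"\0" * (-len(data) % stripe_bytes)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_drives):
            is_parity = d == parity_drive(stripe, n_drives)
            drives[d].append(parity if is_parity else next(remaining))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length, failed=()):
    """Read the original data back, tolerating at most one failed drive."""
    failed = set(failed)
    if len(failed) > 1:
        raise ValueError("single parity cannot recover from two failed drives")
    drives = list(drives)
    for d in failed:  # degraded read: reconstruct the missing drive on the fly
        drives[d] = rebuild_drive(drives, d)
    n, out = len(drives), bytearray()
    for stripe, row in enumerate(zip(*drives)):
        skip = parity_drive(stripe, n)
        out += b"".join(blk for d, blk in enumerate(row) if d != skip)
    return bytes(out[:length])


def usable_capacity(level, sizes):
    """Array capacity per the slides; mixed sizes count as the smallest drive."""
    if level not in MIN_DISKS:
        raise ValueError("level not covered by this example: " + level)
    n, smallest = len(sizes), min(sizes)
    if n < MIN_DISKS[level] or (level == "RAID-1" and n != 2):
        raise ValueError(level + " cannot be built from %d disks" % n)
    if level == "RAID-0":
        return smallest * n        # 100% efficiency, no redundancy
    if level == "RAID-1":
        return smallest            # 50% efficiency, exactly 2 disks
    parity_disks = 2 if level == "RAID-6" else 1
    return smallest * (n - parity_disks)


def demo():
    drives = write_raid5(SAMPLE, n_drives=4)
    lost = drives[2]
    return {
        "rebuilt_matches": rebuild_drive(drives, 2) == lost,
        "degraded_read_ok": read_raid5(drives, len(SAMPLE), failed={2}) == SAMPLE,
        "raid5_usable": usable_capacity("RAID-5", [500] * 4),
        "raid6_usable": usable_capacity("RAID-6", [500] * 4),
    }


if __name__ == "__main__":
    print(demo())
```

A second failed drive raises an error instead of returning data, which is the limit of single parity; RAID-6 gives up one more drive of capacity to survive that case.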
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
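The capacity formula and the dedicated versus distributed parity layouts from the RAID-3 to RAID-6 slides, as an added Python example that is not part of the original presentation. The 16-byte block size (a scaled-down stand-in for the 16 kiB stripe in the illustrations), the parity rotation order and all function names are assumptions.

```python
from functools import reduce

# Added example, not from the slides. Per level: (minimum disks, drives' worth of
# capacity given up to parity), read off the RAID-3/4/5/6 slide bullets.
RAID_LEVELS = {"RAID-3": (3, 1), "RAID-4": (3, 1), "RAID-5": (3, 1), "RAID-6": (4, 2)}

# Constructed sample payload (200 bytes) standing in for a file stored on the array.
SAMPLE = bytes(range(200))


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    min_disks, parity_drives = RAID_LEVELS[level]
    if len(drive_sizes) < min_disks:
        raise ValueError(f"{level} needs at least {min_disks} disks")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the single-parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def build_stripes(data, n_disks, block_size, distributed):
    """Split data into stripes of n_disks blocks, one of which is XOR parity.

    distributed=False keeps parity on the last disk (dedicated parity, RAID-4 style);
    distributed=True moves it one disk to the left on each stripe (RAID-5 style).
    The rotation order is an assumption; real controllers use several layouts.
    Returns a list of (parity_disk_index, [block for each disk]).
    """
    per_stripe = (n_disks - 1) * block_size
    n_stripes = -(-len(data) // per_stripe)  # ceiling division
    padded = data.ljust(n_stripes * per_stripe, b"\0")
    stripes = []
    for s in range(n_stripes):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity_disk = (n_disks - 1 - s % n_disks) if distributed else n_disks - 1
        blocks.insert(parity_disk, xor_blocks(blocks))
        stripes.append((parity_disk, blocks))
    return stripes


def rebuild_disk(stripes, failed_disk):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all blocks in a stripe is zero, so XOR of the survivors equals the
    missing block, whether it held data or parity. With two disks lost the
    survivors only yield the XOR of the two missing blocks, which is why
    single parity tolerates one failure and RAID-6 carries a second parity.
    """
    return [xor_blocks([b for d, b in enumerate(blocks) if d != failed_disk])
            for _, blocks in stripes]


def read_data(stripes, length):
    """Reassemble the stored bytes by skipping the parity block of each stripe."""
    data = b"".join(b for parity_disk, blocks in stripes
                    for d, b in enumerate(blocks) if d != parity_disk)
    return data[:length]


if __name__ == "__main__":
    print("RAID-5, 4 x 500 GB:", usable_capacity("RAID-5", [500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", usable_capacity("RAID-6", [500] * 4), "GB usable")
    for name, distributed in (("dedicated", False), ("distributed", True)):
        stripes = build_stripes(SAMPLE, 4, 16, distributed)
        print(name, "parity on disks:", [p for p, _ in stripes])
        for failed in range(4):
            original = [blocks[failed] for _, blocks in stripes]
            assert rebuild_disk(stripes, failed) == original
        assert read_data(stripes, len(SAMPLE)) == SAMPLE
```

With a dedicated parity disk every write also updates that one disk, while the rotated layout spreads parity updates across all members.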
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular as the
cost is high
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
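The parity, RAID-5 and RAID-6 slides above describe redundancy information calculated from the data and striped across the drives. The Python model below is an added example, not part of the original deck: it stripes a constructed byte string over a RAID-5-style array with XOR parity, rebuilds a failed drive from the survivors, and applies the slides' array-capacity formula. The 4-byte strip size, the parity rotation order and all function names are assumptions made for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity."""
from functools import reduce

CHUNK = 4  # bytes per strip; deliberately tiny (illustrative assumption)


def xor_blocks(blocks):
    """XOR equal-length byte strings column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe_index, n_drives):
    """Drive that holds parity for a stripe; the rotation order is an assumption."""
    return (n_drives - 1 - stripe_index) % n_drives


def write_raid5(data, n_drives):
    """Stripe data over n_drives, adding one rotating parity strip per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = CHUNK * (n_drives - 1)
    # Zero-pad the last stripe; the true length is returned so reads can trim it.
    padded = data + bytes(-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        stripe = padded[s * per_stripe:(s + 1) * per_stripe]
        strips = [stripe[i:i + CHUNK] for i in range(0, per_stripe, CHUNK)]
        # Parity is computed from the data strips, then slotted into its drive.
        strips.insert(parity_drive_for(s, n_drives), xor_blocks(strips))
        for d in range(n_drives):
            drives[d].append(strips[d])
    return drives, len(data)


def read_raid5(drives, length):
    """Reassemble the data, skipping the parity strip of every stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute every strip of one failed drive from the surviving drives.

    The XOR of all strips in a stripe is zero, so the missing strip (data or
    parity) is the XOR of the others. A second failed drive (None) is fatal.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover two failed drives")
    return [xor_blocks(strips) for strips in zip(*survivors)]


def parity_array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID-3/4/5, parity_drives=2 covers RAID-6.
    """
    n = len(drive_sizes)
    if n < parity_drives + 2:
        raise ValueError("too few drives for this RAID level")
    return min(drive_sizes) * (n - parity_drives)


if __name__ == "__main__":
    sample = b"constructed ledger export 0001-0042"  # constructed sample data
    array, size = write_raid5(sample, 4)
    array[2] = None                      # simulate losing drive 2
    array[2] = rebuild_drive(array, 2)   # rebuild it from the other three
    print(read_raid5(array, size) == sample)
    print(parity_array_capacity([500, 500, 250, 500]))     # RAID-5, sizes in GB
    print(parity_array_capacity([500, 500, 250, 500], 2))  # RAID-6, sizes in GB
```

Mixing in one smaller drive shrinks the whole array, which is why the slides state capacity in terms of the smallest drive.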
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: not popular as the cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tel. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                 Allowable Outage Time
Authentication Server   User could not access Inventory System        8 hours
Database Server         User could not access Inventory System        8 hours
E-mail Server           User could not send e-mail                    2 days
5 Desktop Computers     User could not access Inventory System        8 hours
Hub                     User could not access Inventory System        8 hours
Network Cabling         User could not access Inventory System        8 hours
Electric Power          User could not access Inventory System        8 hours
Printer                 User could not produce Inventory Reports      4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)   Likelihood of Threat Occurrence (B)   Vulnerability (C)   Measure of Risk (D) = A+B+C   Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have a backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 166
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if the asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organizations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
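The parity and RAID-5 slides above describe redundancy information calculated from the data values and an array capacity of smallest drive * (no. of drives - 1). The Python below is an added example, not part of the original slides: it stripes constructed data over four simulated disks with rotating XOR parity, rebuilds one failed disk, and refuses a double failure. The function names, the 16-byte block size and the rotation order are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 16  # bytes per block (assumed; scaled down from the 16 kiB stripe in the slides)


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).
    parity_drives=2 gives the RAID-6 capacity figure only; this example does
    not implement RAID-6's second parity calculation."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across disks (distributed parity, RAID-5 style)."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, block=BLOCK):
    """Stripe data in blocks over n_disks, adding one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        pending = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(data_blocks) if d == p else next(pending))
    return disks


def rebuild(disks):
    """Return the array with its one failed disk (None) recomputed from survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError(f"single parity cannot recover {len(failed)} failed disks")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    # XOR of the surviving blocks in a stripe equals the missing block,
    # whether that block held data or parity.
    recovered = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [recovered if d is None else d for d in disks]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


# Constructed sample input, not data from the slides.
SAMPLE = b"INV-2024-0001;qty=40;site=primary\n" * 9


def demo():
    """Write SAMPLE to a four-disk array, fail one disk, rebuild and compare."""
    disks = write_array(SAMPLE, n_disks=4)
    disks[1] = None  # one drive fails
    return read_array(rebuild(disks), len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("recovered after single disk failure:", demo())
    print("usable capacity, 4 x 500 GB, single parity:",
          array_capacity([500] * 4), "GB")
```

Parity protects against a drive failure only; it is not a substitute for the off-site backups and electronic vaulting covered elsewhere in the deck.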
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 167
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
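The parity technique and the capacity rules from the RAID level slides above, worked through as an added Python example (not part of the original slides): data is striped in blocks across the drives with a rotating XOR parity block per stripe, one drive is lost, and its contents are rebuilt from the survivors. The function names, the parity rotation order, the treatment of unequal RAID-0 drives and the sample record are assumptions made for this illustration.

```python
from functools import reduce

# Minimum drive counts and capacity formulas as listed on the RAID level slides.
# (smallest = size of smallest drive, n = number of drives)
RULES = {
    0: (2, lambda smallest, n: smallest * n),        # striping, no redundancy
    1: (2, lambda smallest, n: smallest),            # mirroring, exactly 2 disks
    5: (3, lambda smallest, n: smallest * (n - 1)),  # one drive's worth of parity
    6: (4, lambda smallest, n: smallest * (n - 2)),  # two drives' worth of parity
}


def usable_capacity(level, drive_sizes):
    """Usable array capacity for a RAID level, in the unit of drive_sizes."""
    min_drives, formula = RULES[level]
    n = len(drive_sizes)
    if n < min_drives or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    return formula(min(drive_sizes), n)


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_write(data, n_drives, block_size):
    """Stripe data in blocks across n_drives with distributed (rotating) parity.

    Returns one list of blocks per drive; index s in each list is stripe s.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    data_blocks = n_drives - 1
    stripe_bytes = data_blocks * block_size
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(data_blocks)]
        parity_drive = (n_drives - 1 - s) % n_drives  # assumed rotation order
        remaining = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == parity_drive
                             else next(remaining))
    return drives


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        parity_drive = (n - 1 - s) % n
        for d in range(n):
            if d != parity_drive:
                out += drives[d][s]
    return bytes(out[:length])


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) from the surviving drives.

    In every stripe the XOR of all blocks, parity included, is zero, so the
    missing block equals the XOR of the blocks that survived.
    """
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return drives[:missing[0]] + [rebuilt] + drives[missing[0] + 1:]


# Constructed sample record, not data from the slides.
SAMPLE = b"Inventory ledger record 0001;" * 5

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4, block_size=16)
    degraded = list(array)
    degraded[2] = None                       # simulate loss of drive 2
    restored = raid5_rebuild(degraded)
    print("rebuilt drive matches:", restored == array)
    print("data intact:", raid5_read(restored, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", usable_capacity(6, [500] * 4), "GB")
```

A second simultaneous drive failure makes `raid5_rebuild` raise, which is the gap the dual distributed parity of RAID-6 closes at the cost of one more drive of capacity.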
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
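The parity technique and the array-capacity rules from the RAID slides above, worked through as an added Python example (not part of the original deck): it stripes a payload across a RAID-5 set with distributed parity, rebuilds a lost disk by XOR, and computes usable capacity per level. The function names, the parity rotation order, the sample payload and the treatment of unequal drives in RAID-0 are assumptions made for the illustration.

```python
"""RAID-5 parity and RAID capacity rules as a small in-memory model."""
from functools import reduce

# Constructed sample payload, not data from the slides.
SAMPLE = b"constructed sample payload for the DRP example"

# level: (minimum disks, disks' worth of space used for redundancy),
# taken from the RAID LEVELS slides. RAID-1 is handled separately.
RULES = {
    "RAID-0": (2, 0),
    "RAID-3": (3, 1),
    "RAID-4": (3, 1),
    "RAID-5": (3, 1),
    "RAID-6": (4, 2),
}


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block sits on a different disk each row.
    The rotation order used here is an assumption, not taken from the slides."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Split data into stripe-sized blocks and lay them out with rotating parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % per_row)  # pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[offset + i * stripe: offset + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_blocks = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(row, n_disks)
            disks[disk].append(parity if is_parity else next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate every block of one lost disk by XOR-ing the surviving disks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the payload, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - redundancy)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "RAID-1":
        if n != 2:
            raise ValueError("RAID-1 as described uses exactly 2 hard disks")
        return smallest  # 50% storage efficiency with identical drives
    minimum, redundancy = RULES[level]
    if n < minimum:
        raise ValueError(f"{level} needs a minimum of {minimum} hard disks")
    # Assumption: with unequal drives, every member contributes only as much
    # as the smallest drive (this also applies to RAID-0 here).
    return smallest * (n - redundancy)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, stripe=4)
    lost = 2
    rebuilt = raid5_rebuild(array, lost)
    print("rebuilt disk matches original:", rebuilt == array[lost])
    for level in ("RAID-0", "RAID-5", "RAID-6"):
        print(level, usable_capacity(level, [500, 500, 500, 500]), "GB usable")
```

A single parity block per row recovers exactly one missing disk, which is why the slides list RAID-6, with its second parity, as the level that gives up two drives of capacity.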
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 169
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for the health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: Striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: None
Cost: Lowest of all RAID levels
Recommended uses: Non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: Mirroring
Exactly 2 hard disks
Fault tolerance: Very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: Applications requiring high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: Only fair
Cost: Very expensive
Recommended uses: Not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: Good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: Good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: Good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
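The striping and parity techniques from the RAID slides above, worked through for the four-disk RAID-5 layout with a 16 kiB stripe size that the illustration describes, including a degraded read and a rebuild after one drive fails. This is an added example, not part of the original presentation; the `Raid5` class, its method names, the parity rotation order and the sample data are assumptions made for illustration.

```python
# Added example: toy in-memory RAID-5 array. All names here are hypothetical.
STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length blocks together; this is the RAID parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    def __init__(self, n_disks=4, stripe=STRIPE):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.stripe = n_disks, stripe
        self.disks = [[] for _ in range(n_disks)]  # disk -> list of stripe units
        self.rows = 0
        self.length = 0

    def parity_disk(self, row):
        """Distributed parity: the parity unit moves to a different disk each row."""
        return (self.n - 1 - row) % self.n

    def write(self, data):
        """Stripe data across the disks, adding one parity unit per row."""
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_row = self.stripe * (self.n - 1)
        self.rows = -(-len(data) // per_row)  # ceiling division
        for row in range(self.rows):
            chunk = data[row * per_row:(row + 1) * per_row].ljust(per_row, b"\0")
            units = [chunk[i:i + self.stripe] for i in range(0, per_row, self.stripe)]
            units.insert(self.parity_disk(row), xor_blocks(units))
            for disk, unit in zip(self.disks, units):
                disk.append(unit)

    def fail(self, disk_no):
        """Simulate losing a whole drive."""
        self.disks[disk_no] = None

    def unit(self, row, disk_no):
        """Return one stripe unit, rebuilding it by XOR if its disk has failed."""
        if self.disks[disk_no] is not None:
            return self.disks[disk_no][row]
        others = [d for i, d in enumerate(self.disks) if i != disk_no]
        if any(d is None for d in others):
            raise RuntimeError("two disks lost: RAID-5 tolerates only one failure")
        return xor_blocks([d[row] for d in others])

    def read(self):
        """Read the data back; works in degraded mode with one failed disk."""
        out = bytearray()
        for row in range(self.rows):
            p = self.parity_disk(row)
            for disk_no in range(self.n):
                if disk_no != p:
                    out += self.unit(row, disk_no)
        return bytes(out[:self.length])

    def rebuild(self, disk_no):
        """Recreate a replaced drive from the surviving drives."""
        self.disks[disk_no] = [self.unit(row, disk_no) for row in range(self.rows)]


def sample_files():
    """Constructed sample data: four 'files' of 4, 20, 100 and 500 KiB."""
    sizes_kib = (4, 20, 100, 500)
    return b"".join(bytes((i * 31 + k) % 256 for i in range(s * 1024))
                    for k, s in enumerate(sizes_kib))


if __name__ == "__main__":
    array = Raid5(n_disks=4)
    data = sample_files()
    array.write(data)
    array.fail(2)
    print("degraded read intact:", array.read() == data)
    array.rebuild(2)
    print("rows:", array.rows, "usable GB from 4 x 500 GB:", array_capacity([500] * 4))
```

Passing `parity_drives=2` to `array_capacity` gives the RAID-6 figure from the later slide; the XOR rebuild shown here covers single parity only.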
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: Very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: Very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: Very good for RAID-01, excellent for RAID-10
Random read performance: Very good
Random write performance: Good
Fault tolerance: Very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 170
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
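The parity technique and the array-capacity rule quoted for RAID-3, RAID-4 and RAID-5, worked through as an added Python example that is not part of the original slides. The rotating parity layout, the function names and the sample data are assumptions made for illustration; real controllers use their own layouts.

```python
"""XOR parity, rebuild and capacity for a single-parity array (illustration only)."""
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """Return the byte-wise XOR of equal-length blocks."""
    if len({len(b) for b in blocks}) != 1:
        raise ValueError("all blocks in a stripe must have the same length")
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, disks):
    """Drive holding the parity block of a stripe (assumed rotation scheme)."""
    return (disks - 1 - stripe_no) % disks


def write_array(data, disks, block_size):
    """Stripe data over `disks` drives with one parity block per stripe.

    Returns one list of blocks per drive; the tail is zero-padded to a full stripe.
    """
    if disks < 3:
        raise ValueError("single-parity striping needs at least 3 drives")
    stripe_bytes = (disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    array = [[] for _ in range(disks)]
    for stripe_no, off in enumerate(range(0, len(padded), stripe_bytes)):
        chunk = padded[off:off + stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        data_iter = iter(blocks)
        p = parity_disk_for(stripe_no, disks)
        for d in range(disks):
            array[d].append(xor_blocks(blocks) if d == p else next(data_iter))
    return array


def read_array(array, length):
    """Reassemble the first `length` bytes of data, skipping parity blocks."""
    disks = len(array)
    out = bytearray()
    for stripe_no in range(len(array[0])):
        p = parity_disk_for(stripe_no, disks)
        for d in range(disks):
            if d != p:
                out += array[d][stripe_no]
    return bytes(out[:length])


def rebuild_disk(array, failed):
    """Recompute every block of drive `failed` from the surviving drives."""
    survivors = [disk for i, disk in enumerate(array) if i != failed]
    return [xor_blocks([disk[s] for disk in survivors])
            for s in range(len(survivors[0]))]


def inconsistent_stripes(array):
    """Return the stripe numbers whose blocks do not XOR to zero."""
    return [s for s in range(len(array[0]))
            if any(xor_blocks([disk[s] for disk in array]))]


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches the RAID-3/4/5 rule, parity_drives=2 the RAID-6 rule.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    payload = b"inventory ledger 2001-09 " * 7      # constructed sample data
    array = write_array(payload, disks=4, block_size=16)
    for failed in range(4):                          # lose each drive in turn
        assert rebuild_disk(array, failed) == array[failed]
    print("data intact:", read_array(array, len(payload)) == payload)
    print("usable GB from four 500 GB drives:", usable_capacity([500] * 4))
```

Parity lets the array recompute a drive that is known to have failed. A mismatch reported by `inconsistent_stripes` shows that a stripe is damaged but not which block is wrong, so parity does not replace backups.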
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
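Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Cell values (row alignment lost in extraction): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E) values: High, Moderate, Very High, Low, Very Low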
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications
& other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
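The PARITY and RAID-5 slides above, as an added example (not part of the original slides): a small Python model of block-level striping with distributed XOR parity that rebuilds one failed disk and applies the slides' array-capacity formula. The function names, the rotation order of the parity block, the block size and the sample data are assumptions made for the illustration.

```python
"""Model of RAID-5 style striping with distributed XOR parity.

Added illustration; names, parity rotation and sample data are assumptions.
"""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches RAID-3/4/5, parity_drives=2 matches RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left per row."""
    return (n_disks - 1 - row) % n_disks


def write_array(data, n_disks, block_size):
    """Stripe data across n_disks; every row holds n_disks-1 data blocks
    plus one parity block. Returns (disks, original_length)."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    row_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunk = padded[start:start + row_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, row_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_iter))
    return disks, len(data)


def rebuild_disk(disks, failed):
    """Recompute each block of the failed disk from the surviving disks.

    The XOR of all blocks in a row (data + parity) is zero, so the missing
    block equals the XOR of the others, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Write constructed data to 4 disks, lose disk 2, rebuild it, read back."""
    data = b"constructed ledger: INV-001 qty=42; INV-002 qty=7"  # constructed sample
    disks, length = write_array(data, n_disks=4, block_size=4)
    failed = 2
    damaged = [None if i == failed else d for i, d in enumerate(disks)]
    damaged[failed] = rebuild_disk(damaged, failed)
    return read_array(damaged, length) == data


if __name__ == "__main__":
    print("recovered after single-disk failure:", demo())
    print("usable capacity, 4 x 500 GB, single parity:", usable_capacity([500] * 4))
```

A second simultaneous failure raises `ValueError` here, which is the case the RAID-6 slide's dual parity and (no. of drives-2) capacity formula address.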
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for the health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
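The parity technique and the RAID-5/RAID-6 capacity rule from the slides above, worked through as an added example (not part of the original deck): a toy four-disk array with block-level striping and distributed XOR parity, where one disk is lost and rebuilt from the survivors. The block size, layout rotation and all function names are assumptions chosen for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity.

Illustrative only: names, block size and rotation are assumptions, not any
controller's real on-disk format.
"""
from functools import reduce

BLOCK = 4  # bytes per block (tiny, so the layout is easy to inspect)


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Usable capacity: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("too few drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe_no, n_disks):
    """Rotate the parity block across disks so no single disk holds all parity."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; return one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        # Parity is computed over the data blocks, then placed in slot p.
        blocks.insert(parity_disk(s, n_disks), xor_blocks(blocks))
        for d in range(n_disks):
            disks[d].append(blocks[d])
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the survivors.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe (data plus parity) is zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID-5 tolerates only one failed disk")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the data, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n)
        for d in range(n):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Lose one disk of four, rebuild it, and confirm the data is intact."""
    payload = b"constructed sample payload for the DR drill"  # constructed input
    disks = write_raid5(payload, n_disks=4)
    lost = disks[2]
    disks[2] = None  # simulate a single drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_raid5(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuilt OK:", demo())
    print("4 x 500 GB, RAID-5 usable:", array_capacity([500] * 4), "GB")
    print("4 x 500 GB, RAID-6 usable:", array_capacity([500] * 4, 2), "GB")
```

A second simultaneous failure makes `rebuild_disk` raise, which is the single-parity limit that RAID-6's dual parity is meant to address.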
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability Measure (C), Measure of Risk (D = A+B+C), Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could
take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
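The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: data is striped in 16 KiB units over four disks with XOR parity, one disk is lost, and its contents are recomputed from the survivors. The parity rotation order, the function names and the file contents are assumptions constructed for the demonstration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity."""

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide's illustration
N_DISKS = 4              # four-disk array, as in the slide's illustration


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equally sized blocks."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(row, n_disks=N_DISKS):
    """Disk that holds parity for a stripe row. Rotating it per row is what
    makes the parity 'distributed'; this rotation order is an assumption."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Split data into stripe rows; return a list of stripe units per disk."""
    row_bytes = (n_disks - 1) * unit
    data += bytes(-len(data) % row_bytes)  # zero-pad the final row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[start + i * unit:start + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        pending = iter(chunks)
        for disk in range(n_disks):
            if disk == parity_disk(row, n_disks):
                disks[disk].append(xor_blocks(chunks))
            else:
                disks[disk].append(next(pending))
    return disks


def raid5_read(disks, length):
    """Reassemble the data units in order, skipping each row's parity unit."""
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(len(disks)):
            if disk != parity_disk(row, len(disks)):
                out += disks[disk][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks([s[row] for s in survivors])
            for row in range(len(survivors[0]))]


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def sample_files():
    """Constructed stand-ins for the slide's 4, 20, 100 and 500 KiB files."""
    sizes_kib = {"red": 4, "blue": 20, "green": 100, "magenta": 500}
    return {name: bytes((i * 31 + kib) % 251 for i in range(kib * 1024))
            for name, kib in sizes_kib.items()}


def demo():
    """Write the files, lose disk 2, rebuild it, and read the data back."""
    volume = b"".join(sample_files().values())
    disks = raid5_write(volume)
    disks[2] = None                       # simulated drive failure
    disks[2] = rebuild_disk(disks, 2)     # reconstruction from parity
    return raid5_read(disks, len(volume)) == volume


if __name__ == "__main__":
    print("data intact after rebuild:", demo())
```

Calling `array_capacity` with `parity_drives=2` gives the RAID-6 capacity formula from the later slide; with single parity, a second simultaneous disk failure cannot be rebuilt this way.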
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
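The following is an added example, not part of the original slides: it checks whether restoring resources in the recovery-priority order above keeps each one inside the allowable outage time from the Outage Impact table. The restore-effort hours, the number of recovery teams, and the function names are constructed assumptions.

```python
"""Check a priority-ordered recovery sequence against allowable outage times."""
import heapq

# (resource, recovery priority, allowable outage in hours), taken from the two
# tables in the slides (2 days = 48 h, 4 days = 96 h). The "Remaining" rows have
# no allowable outage time on the page, so they carry None and never breach.
RESOURCES = [
    ("Authentication Server", "High", 8),
    ("Database Server", "High", 8),
    ("5 Desktop Computers", "High", 8),
    ("1 Hub", "High", 8),
    ("E-mail Server", "Medium", 48),
    ("Printer", "Medium", 96),
    ("Remaining Desktop Computers (45)", "Low", None),
    ("Remaining Hub (5)", "Low", None),
]

PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}

# Constructed estimates of hands-on restore effort in hours (assumption,
# not from the slides); replace with figures from your own recovery tests.
RESTORE_HOURS = {
    "Authentication Server": 3.0,
    "Database Server": 4.0,
    "5 Desktop Computers": 2.5,
    "1 Hub": 0.5,
    "E-mail Server": 6.0,
    "Printer": 1.0,
    "Remaining Desktop Computers (45)": 20.0,
    "Remaining Hub (5)": 2.0,
}


def schedule(resources, restore_hours, teams):
    """Restore in priority order; each job goes to the team that frees up first.

    Returns one dict per resource with start/finish hours since the disaster
    was declared. Resources of equal priority keep their listed order.
    """
    if teams < 1:
        raise ValueError("at least one recovery team is required")
    ordered = sorted(resources, key=lambda r: PRIORITY_RANK[r[1]])  # stable sort
    free_at = [(0.0, team) for team in range(teams)]
    heapq.heapify(free_at)
    plan = []
    for name, priority, allowable in ordered:
        start, team = heapq.heappop(free_at)
        finish = start + restore_hours[name]
        heapq.heappush(free_at, (finish, team))
        plan.append({
            "resource": name,
            "priority": priority,
            "team": team,
            "start": start,
            "finish": finish,
            "allowable": allowable,
        })
    return plan


def breaches(plan):
    """Names of resources whose restore finishes after their allowable outage."""
    return [
        row["resource"]
        for row in plan
        if row["allowable"] is not None and row["finish"] > row["allowable"]
    ]


def min_teams(resources, restore_hours, max_teams=10):
    """Smallest team count (up to max_teams) with no breach, or None."""
    for teams in range(1, max_teams + 1):
        if not breaches(schedule(resources, restore_hours, teams)):
            return teams
    return None


if __name__ == "__main__":
    for teams in (1, 2):
        plan = schedule(RESOURCES, RESTORE_HOURS, teams)
        print(f"--- {teams} recovery team(s) ---")
        for row in plan:
            limit = "n/a" if row["allowable"] is None else f'{row["allowable"]} h'
            late = " LATE" if row["resource"] in breaches(plan) else ""
            print(f'{row["resource"]:34} {row["priority"]:6} '
                  f'done at {row["finish"]:5.1f} h (limit {limit}){late}')
    print("minimum teams needed:", min_teams(RESOURCES, RESTORE_HOURS))
```

With these constructed effort figures, a single team restores all four High-priority resources in the right order but still misses the 8-hour limit on two of them, which is the kind of gap a plan test should surface before a real outage does.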
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.   Change Comment   Date of Change   Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
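The parity, striping and array-capacity points from the RAID slides, worked through as an added example (not part of the original slides): a small RAID-5 model that stripes data in blocks, rotates XOR parity across the disks, and rebuilds one failed disk from the survivors. The function names, the parity rotation order and the sample data are assumptions made for the example.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives), as on the slides."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(row, n_disks):
    """Disk that holds parity for a stripe row (rotation order assumed here)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, chunk):
    """Block-level striping with distributed parity across n_disks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = chunk * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad the last stripe row
    disks = [bytearray() for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[offset + i * chunk: offset + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_chunks = iter(chunks)
        for disk in range(n_disks):
            if disk == parity_disk(row, n_disks):
                disks[disk] += parity
            else:
                disks[disk] += next(data_chunks)
    return disks


def raid5_rebuild(disks):
    """Recompute the one missing disk (marked None) from the surviving disks.

    Every stripe row XORs to zero across all disks, so the lost chunk is the
    XOR of the others, whether it held data or parity.
    """
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot recover %d failed disks" % len(missing))
    if not missing:
        return [bytes(d) for d in disks]
    rebuilt = xor_blocks([bytes(d) for d in disks if d is not None])
    return [rebuilt if d is None else bytes(d) for d in disks]


def raid5_read(disks, chunk, length):
    """Reassemble the original byte stream, skipping each row's parity chunk."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0]) // chunk):
        for disk in range(n_disks):
            if disk != parity_disk(row, n_disks):
                out += disks[disk][row * chunk:(row + 1) * chunk]
    return bytes(out[:length])


def demo():
    """Write constructed sample data, lose disk 2, rebuild, and compare."""
    data = b"ledger 0001: credit 1500.00; ledger 0002: debit 320.75"  # constructed
    disks = raid5_write(data, n_disks=4, chunk=8)
    degraded = list(disks)
    degraded[2] = None  # simulated drive failure
    return raid5_read(raid5_rebuild(degraded), 8, len(data)) == data


if __name__ == "__main__":
    print("usable capacity, 4 x 500 GB, RAID-5:", array_capacity([500] * 4))
    print("usable capacity, 4 x 500 GB, RAID-6:", array_capacity([500] * 4, 2))
    print("data intact after rebuilding one failed disk:", demo())
```

Marking a second disk as None makes raid5_rebuild raise, which is the limit the slides describe as "fault tolerance good" for RAID-5 versus "very good" for dual-parity RAID-6.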
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 175
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
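Table columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Values as extracted (cell positions not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings shown: High, Moderate, Very High, Low, Very Low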
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit,
users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
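The parity and RAID-5 slides above describe redundancy information calculated from the data values and an array capacity of size of smallest drive*(no. of drives-1). As an added example (not part of the original slides), this Python model uses byte-wise XOR as the parity function, stripes a constructed record over simulated drives with rotating parity, and rebuilds one failed drive; the function names, the 4-byte stripe size and the sample record are assumptions made for illustration.

```python
"""Toy model of RAID-5: block striping with rotating XOR parity."""
from functools import reduce

STRIPE = 4  # bytes per block; constructed and tiny so the layout is easy to inspect
MIN_DRIVES = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}  # minimums from the slides


def xor_blocks(blocks):
    """Parity block: byte-wise XOR across equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(row, n_drives):
    """Index of the drive holding parity for a stripe row (rotates every row)."""
    return (n_drives - 1 - row) % n_drives


def write_array(data, n_drives, stripe=STRIPE):
    """Stripe data over n_drives; each row holds n-1 data blocks and 1 parity block."""
    if n_drives < MIN_DRIVES["5"]:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    row_bytes = (n_drives - 1) * stripe
    rows = -(-len(data) // row_bytes)             # ceiling division
    padded = data.ljust(rows * row_bytes, b"\0")  # zero-fill the last row
    drives = [[] for _ in range(n_drives)]
    for row in range(rows):
        chunk = padded[row * row_bytes:(row + 1) * row_bytes]
        blocks = [chunk[i:i + stripe] for i in range(0, row_bytes, stripe)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            is_parity = d == parity_drive(row, n_drives)
            drives[d].append(xor_blocks(blocks) if is_parity else next(data_blocks))
    return drives


def read_array(drives, length):
    """Reassemble the original bytes, skipping each row's parity block."""
    out = bytearray()
    for row in range(len(drives[0])):
        for d, drive in enumerate(drives):
            if d != parity_drive(row, len(drives)):
                out += drive[row]
    return bytes(out[:length])


def rebuild(drives, failed):
    """Recompute one failed drive: XOR of the surviving blocks in every row."""
    survivors = [drive for i, drive in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas given on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DRIVES[level]:
        raise ValueError(f"RAID-{level} needs at least {MIN_DRIVES[level]} drives")
    if level == "0":
        return smallest * n          # striping only, no redundancy
    if level == "1":
        return smallest              # mirrored pair: 50% storage efficiency
    if level == "6":
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    record = b"constructed ledger entry #0001: 1500.00 CR"  # constructed sample data
    array = write_array(record, n_drives=4)
    for i, drive in enumerate(array):
        print(f"drive {i}:", [block.hex() for block in drive])
    lost = 2
    recovered = rebuild(array, lost)
    print("drive", lost, "rebuilt correctly:", recovered == array[lost])
    array[lost] = recovered
    print("data intact:", read_array(array, len(record)) == record)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity("5", [500] * 4), "GB")
```

With a second drive lost, the XOR of the remaining blocks no longer equals any single missing block, which is the limit of single parity and the reason RAID-6 carries dual parity.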
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                Allowable Outage Time
Authentication Server   User could not access Inventory System       8 hours
Database Server         User could not access Inventory System       8 hours
E-mail Server           User could not send e-mail                   2 days
5 Desktop Computers     User could not access Inventory System       8 hours
Hub                     User could not access Inventory System       8 hours
Network Cabling         User could not access Inventory System       8 hours
Electric Power          User could not access Inventory System       8 hours
Printer                 User could not produce Inventory Reports     4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
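The formula on this slide, D = A + B + C, worked through in Python as an added example (not part of the original slides). The 1-5 scoring scale, the cut-offs that map D to the five ranking labels, and the sample scores are assumptions constructed for illustration.

```python
"""Risk comparison with the slide's formula D = A + B + C."""
from dataclasses import dataclass

# Assumption: every factor is scored on a 1-5 scale, so D ranges from 3 to 15.
SCALE = range(1, 6)
# Assumption: cut-offs mapping D to the slide's five ranking labels (column E).
BANDS = [(13, "Very High"), (11, "High"), (8, "Moderate"), (5, "Low"), (3, "Very Low")]


@dataclass(frozen=True)
class RiskEntry:
    asset: str
    asset_cost: int      # A
    likelihood: int      # B: likelihood of threat occurrence
    vulnerability: int   # C

    def __post_init__(self):
        # Reject scores outside the agreed scale so one typo cannot skew the ranking.
        for name in ("asset_cost", "likelihood", "vulnerability"):
            value = getattr(self, name)
            if value not in SCALE:
                raise ValueError(f"{self.asset}: {name}={value} is outside 1-5")

    @property
    def measure(self) -> int:
        """D = A + B + C."""
        return self.asset_cost + self.likelihood + self.vulnerability

    @property
    def ranking(self) -> str:
        """E: the label of the first band whose floor D reaches."""
        for floor, label in BANDS:
            if self.measure >= floor:
                return label
        raise AssertionError("unreachable: the minimum D is 3")


def rank_register(entries):
    """Highest risk first; ties go to the costlier asset, then alphabetical."""
    return sorted(entries, key=lambda e: (-e.measure, -e.asset_cost, e.asset))


def report(entries):
    """Return (asset, D, E) rows in ranked order."""
    return [(e.asset, e.measure, e.ranking) for e in rank_register(entries)]


# Constructed sample register; the scores are illustrative, not from the slides.
REGISTER = [
    RiskEntry("Database Server", 5, 3, 4),
    RiskEntry("E-mail Server", 3, 4, 2),
    RiskEntry("Authentication Server", 5, 4, 5),
    RiskEntry("Printer", 1, 2, 1),
    RiskEntry("Hub", 2, 3, 2),
]

if __name__ == "__main__":
    for asset, d, e in report(REGISTER):
        print(f"{asset:<22} D={d:>2}  {e}")
```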
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load balancing is done by load balancers
Routers & switches with application-specific
integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 177
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that, as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
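The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: block-level striping with distributed parity, rebuilding one failed disk from the survivors, and the array-capacity rule from the RAID level slides. XOR as the parity function, the parity rotation order, the function names and the sample data are assumptions of this example.

```python
from functools import reduce

# (minimum disks, data-bearing disks as a function of n) per RAID level,
# as listed on the "RAID LEVELS" slides; RAID-1 uses exactly 2 disks.
LEVELS = {
    "0": (2, lambda n: n),
    "1": (2, lambda n: 1),
    "3": (3, lambda n: n - 1),
    "4": (3, lambda n: n - 1),
    "5": (3, lambda n: n - 1),
    "6": (4, lambda n: n - 2),
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * number of data-bearing drives."""
    min_disks, data_disks = LEVELS[level]
    n = len(drive_sizes)
    if n < min_disks or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disk(s)")
    return min(drive_sizes) * data_disks(n)


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across the disks (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n-1 data blocks and 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\0" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild(disks):
    """Recreate a failed disk (marked None) by XOR-ing the survivors stripe by stripe."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates one failed disk; restore from backup")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    restored = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [restored if d is None else d for d in disks]


def read_raid5(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(stripe, n):
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed sample ledger record " * 20   # constructed test data
    array = write_raid5(payload, n_disks=4, block_size=16)
    array[1] = None                                        # simulate one disk failure
    array = rebuild(array)
    print("data intact after rebuild:", read_raid5(array, len(payload)) == payload)
    print("RAID-5, 4 x 500 GB usable:", usable_capacity("5", [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity("6", [500] * 4), "GB")
```

A second failed disk makes `rebuild` raise, which is the case the backup and off-site storage slides cover.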
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                    Allowable Outage Time
Authentication Server   User could not access Inventory System           8 hours
Database Server         User could not access Inventory System           8 hours
E-mail Server           User could not send e-mail                       2 days
5 Desktop Computers     User could not access Inventory System           8 hours
Hub                     User could not access Inventory System           8 hours
Network Cabling         User could not access Inventory System           8 hours
Electric Power          User could not access Inventory System           8 hours
Printer                 User could not produce Inventory Reports         4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                             Recovery Priority
Authentication Server                High
Database Server                      High
5 Desktop Computers                  High
1 Hub                                High
E-mail Server                        Medium
Printer                              Medium
Remaining Desktop Computers (45)     Low
Remaining Hubs (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
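Added example (not part of the original slides): a small in-memory model of the block-level striping with distributed parity described on the PARITY and RAID-5 slides, showing that one lost drive can be read through and rebuilt from XOR parity while two cannot, together with the Array Capacity formulas from the RAID LEVELS slides. The class and function names, the block size, the parity rotation order, the sample data and the RAID-0 rule for unequal drives are assumptions made for illustration.

```python
"""RAID-5 style block striping with distributed XOR parity (added illustration)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity: XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Usable capacity following the 'Array Capacity' lines of the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n          # assumption: every drive limited to the smallest
    if level == 1:
        return smallest              # 50% efficiency for an identical pair
    return smallest * (n - (2 if level == 6 else 1))


class Raid5:
    """In-memory model: each disk is a list of blocks, None marks a failed disk."""

    def __init__(self, n_disks, block_size=4):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.bs = n_disks, block_size
        self.disks = [[] for _ in range(n_disks)]
        self.length = 0

    def parity_disk(self, stripe):
        """Distributed parity: the parity block moves one disk per stripe."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Split data into stripes of n-1 data blocks plus one parity block."""
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_stripe = self.bs * (self.n - 1)
        padded = data + b"\x00" * (-len(data) % per_stripe)
        for stripe in range(len(padded) // per_stripe):
            chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
            blocks = [chunk[i:i + self.bs] for i in range(0, per_stripe, self.bs)]
            parity, data_blocks = xor_blocks(blocks), iter(blocks)
            for d in range(self.n):
                is_parity = d == self.parity_disk(stripe)
                self.disks[d].append(parity if is_parity else next(data_blocks))

    def fail(self, disk):
        """Simulate the loss of one drive."""
        self.disks[disk] = None

    def _failed(self):
        return [d for d in range(self.n) if self.disks[d] is None]

    def _stripe_count(self):
        return len(next(d for d in self.disks if d is not None))

    def read(self):
        """Return the data, recomputing the blocks of at most one failed disk."""
        failed = self._failed()
        if len(failed) > 1:
            raise RuntimeError("RAID-5 cannot survive the loss of two disks")
        out = bytearray()
        for stripe in range(self._stripe_count()):
            row = [None if disk is None else disk[stripe] for disk in self.disks]
            if failed:  # missing block = XOR of every surviving block in the stripe
                row[failed[0]] = xor_blocks([b for b in row if b is not None])
            parity_at = self.parity_disk(stripe)
            out += b"".join(b for d, b in enumerate(row) if d != parity_at)
        return bytes(out[:self.length])

    def rebuild(self, disk):
        """Fill a replacement drive from the survivors (data and parity alike)."""
        if self._failed() != [disk]:
            raise RuntimeError("rebuild needs exactly this one disk to be failed")
        self.disks[disk] = [
            xor_blocks([self.disks[o][s] for o in range(self.n) if o != disk])
            for s in range(self._stripe_count())
        ]


if __name__ == "__main__":
    array = Raid5(n_disks=4, block_size=4)
    sample = b"ledger entries 0001-0042 (constructed sample data)"
    array.write(sample)
    array.fail(2)                       # one drive lost: reads still succeed
    print(array.read() == sample)
    array.rebuild(2)                    # replacement drive recomputed from parity
    array.fail(0)
    print(array.read() == sample)
    print(usable_capacity(5, [500, 500, 400, 500]))
```

The rebuild reads every surviving drive in full, so the array has no redundancy left until it completes; a second failure in that window is the case the backup slides, not RAID, have to cover.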
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 179
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
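An auditor can cross-check the recovery priorities above against the allowable outage times from the earlier "Outage Impact & Allowable Outage Times" slide. The sketch below is an added example, not part of the original slides: the table rows are copied from the two slides, while the name matching (a leading quantity such as "1 Hub" is ignored) and the rule that a shorter allowable outage should never carry a lower priority are assumptions of the example.

```python
import re

# Rows copied from the "Outage Impact & Allowable Outage Times" slide.
ALLOWABLE_OUTAGE = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# Rows copied from the "Develop Recovery Priorities" slide.
RECOVERY_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "1 Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low",
    "Remaining Hub (5)": "Low",
}

RANK = {"High": 0, "Medium": 1, "Low": 2}  # 0 is recovered first


def to_hours(text):
    """Convert '8 hours' or '2 days' to a number of hours."""
    match = re.fullmatch(r"\s*(\d+)\s*(hour|day)s?\s*", text, re.IGNORECASE)
    if not match:
        raise ValueError(f"unrecognised outage time: {text!r}")
    count, unit = int(match.group(1)), match.group(2).lower()
    return count * (24 if unit == "day" else 1)


def resource_key(name):
    """Assumption: a leading quantity ('1 Hub') still names the same resource ('Hub')."""
    return re.sub(r"^\d+\s+", "", name.strip()).lower()


def cross_check(outage, priority):
    """Return (resources with no recovery priority, priority inversions).

    An inversion is a pair (a, b) where a tolerates a shorter outage than b
    but has been given a lower recovery priority than b.
    """
    ranked = {resource_key(n): RANK[p] for n, p in priority.items()}
    unprioritized = sorted(n for n in outage if resource_key(n) not in ranked)
    rated = [(n, to_hours(t), ranked[resource_key(n)])
             for n, t in outage.items() if resource_key(n) in ranked]
    inversions = sorted((a, b)
                        for a, hours_a, rank_a in rated
                        for b, hours_b, rank_b in rated
                        if hours_a < hours_b and rank_a > rank_b)
    return unprioritized, inversions


if __name__ == "__main__":
    missing, inverted = cross_check(ALLOWABLE_OUTAGE, RECOVERY_PRIORITY)
    print("No recovery priority assigned:", missing)
    print("Priority inversions:", inverted)
```

Run on the slide data, the check reports no inversions but flags Network Cabling and Electric Power, which have an 8 hour allowable outage and no entry in the recovery priority list.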
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
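The timed targets in the test examples above (call tree within 1 hour, off-site restore within 48 hours, evacuation in 15 minutes, vendor contact within 1 hour) can be checked mechanically against a drill log. This added example is not part of the original slides; the log format, the objective names and the sample entries are constructed for illustration.

```python
from datetime import datetime, timedelta

# Time limits taken from the "Test Examples" slide; the objective names are constructed.
TARGETS = {
    "call_tree": timedelta(hours=1),
    "offsite_restore": timedelta(hours=48),
    "evacuation": timedelta(minutes=15),
    "vendor_contact": timedelta(hours=1),
}

# Constructed drill log, one entry per line: "<ISO timestamp> <START|END> <objective>".
DRILL_LOG = """\
2024-03-09T09:00:00 START evacuation
2024-03-09T09:12:30 END evacuation
2024-03-09T09:15:00 START call_tree
2024-03-09T09:20:00 START vendor_contact
2024-03-09T10:05:00 END vendor_contact
2024-03-09T10:40:00 END call_tree
2024-03-09T11:00:00 START offsite_restore
"""


def parse_log(text):
    """Return (elapsed time per finished objective, set of objectives never finished)."""
    started, elapsed = {}, {}
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            stamp, event, objective = line.split()
            when = datetime.fromisoformat(stamp)
        except ValueError:
            raise ValueError(f"line {number}: malformed entry {line!r}") from None
        if event == "START":
            started[objective] = when
        elif event == "END":
            if objective not in started:
                raise ValueError(f"line {number}: END without START for {objective}")
            elapsed[objective] = when - started.pop(objective)
        else:
            raise ValueError(f"line {number}: unknown event {event!r}")
    return elapsed, set(started)


def evaluate(text, targets=TARGETS):
    """Map each objective to (status, elapsed), where status is one of
    PASS, FAIL, INCOMPLETE (started, never finished) or NOT TESTED."""
    elapsed, unfinished = parse_log(text)
    report = {}
    for objective, limit in targets.items():
        if objective in elapsed:
            status = "PASS" if elapsed[objective] <= limit else "FAIL"
            report[objective] = (status, elapsed[objective])
        elif objective in unfinished:
            report[objective] = ("INCOMPLETE", None)
        else:
            report[objective] = ("NOT TESTED", None)
    return report


if __name__ == "__main__":
    for objective, (status, took) in evaluate(DRILL_LOG).items():
        print(f"{objective:16} {status:11} {took if took is not None else '-'}")
```

An objective that was started but never closed is reported as INCOMPLETE rather than silently dropped, so an unfinished off-site restore cannot be mistaken for a pass.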
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
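The parity and RAID-5 slides above, worked through as an added Python model (not part of the original slides): data is striped in 16 KiB units over four disks, parity is the XOR of each stripe's data blocks, and any one lost disk is rebuilt from the survivors. The function names, the rotating parity placement and the sample data are assumptions made for illustration; the stripe size, disk count, minimum of 3 disks and capacity formula come from the slides.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB, the stripe size used in the slide's illustration


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 the RAID-6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe_no, n_disks):
    """Assumed layout: parity starts on the last disk and rotates backwards."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data across n_disks, storing one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)          # data bytes carried by one stripe
    for stripe_no, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe].ljust(per_stripe, b"\0")
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        # Insert the parity block at this stripe's parity position.
        blocks.insert(parity_disk_for(stripe_no, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def read_array(disks, length, failed=None):
    """Read the data back; `failed` is the index of one lost disk, if any."""
    n_disks = len(disks)
    survivors = [i for i in range(n_disks) if i != failed]
    out = bytearray()
    for stripe_no in range(len(disks[survivors[0]])):
        row = [None if i == failed else disks[i][stripe_no] for i in range(n_disks)]
        if failed is not None:
            # XOR of the surviving data and parity blocks equals the lost block.
            row[failed] = xor_blocks([row[i] for i in survivors])
        skip = parity_disk_for(stripe_no, n_disks)
        out += b"".join(block for i, block in enumerate(row) if i != skip)
    return bytes(out[:length])


if __name__ == "__main__":
    sample = bytes(range(256)) * 400           # constructed 100 KiB sample file
    array = write_array(sample)
    for lost in range(len(array)):
        damaged = [None if i == lost else d for i, d in enumerate(array)]
        ok = read_array(damaged, len(sample), failed=lost) == sample
        print(f"disk {lost} lost -> data recovered: {ok}")
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Losing a second disk leaves two unknown blocks per stripe and only one parity equation, which is why the slides rate RAID-5 fault tolerance as good and reserve "very good" for the dual parity of RAID-6.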
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 180
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
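The three techniques differ in which earlier sets a restore depends on. The following Python example is added here and is not part of the original slides; it works out the restore chain for a point in time and what happens when one set is unreadable. It assumes a differential holds changes since the last full backup and an incremental holds changes since the previous backup of any kind; the catalogue labels and dates are constructed.

```python
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class BackupSet:
    label: str
    kind: str          # "full", "incremental" or "differential"
    taken: datetime


def parent_of(backup, ordered):
    """Return the set this backup depends on, or None if there is none.

    Assumed semantics: a differential depends on the last full backup;
    an incremental depends on the backup taken immediately before it.
    """
    idx = ordered.index(backup)
    if backup.kind == "full":
        return None
    if backup.kind == "differential":
        fulls = [b for b in ordered[:idx] if b.kind == "full"]
        return fulls[-1] if fulls else None
    return ordered[idx - 1] if idx > 0 else None


def restore_chain(catalog, target, unreadable=frozenset()):
    """Sets to restore, oldest first, for the latest reachable point <= target.

    If a link in the chain is unreadable, fall back to the newest earlier
    backup whose whole chain down to a full backup is still readable.
    """
    ordered = sorted(catalog, key=lambda b: b.taken)
    for end in reversed([b for b in ordered if b.taken <= target]):
        chain, node = [], end
        while node is not None and node.label not in unreadable:
            chain.append(node)
            if node.kind == "full":
                return chain[::-1]
            node = parent_of(node, ordered)
    raise LookupError("no restorable full backup at or before the target")


def labels(chain):
    return [b.label for b in chain]


# Constructed one-week schedule: Sunday full, mid-week differential,
# incrementals on the other nights.
CATALOG = [
    BackupSet("sun-full", "full", datetime(2024, 1, 7, 22)),
    BackupSet("mon-incr", "incremental", datetime(2024, 1, 8, 22)),
    BackupSet("tue-incr", "incremental", datetime(2024, 1, 9, 22)),
    BackupSet("wed-diff", "differential", datetime(2024, 1, 10, 22)),
    BackupSet("thu-incr", "incremental", datetime(2024, 1, 11, 22)),
    BackupSet("fri-incr", "incremental", datetime(2024, 1, 12, 22)),
]

if __name__ == "__main__":
    target = datetime(2024, 1, 12, 23)
    print("all media readable:", labels(restore_chain(CATALOG, target)))
    degraded = restore_chain(CATALOG, target, unreadable={"wed-diff"})
    print("wed-diff unreadable:", labels(degraded))
    print("recovery point falls back to:", degraded[-1].taken)
```

With the differential unreadable, every later incremental is unusable and the recovery point falls back to Tuesday, which is why the retrieval and retention questions on the following slides apply to every set in the chain, not only to the latest one.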
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
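The PARITY slide and the capacity formulas on the RAID level slides can be exercised directly. The following Python example is added here and is not part of the original slides; it stripes data with one rotating XOR parity block per stripe, rebuilds a failed disk from the survivors, and computes array capacity from the formulas given for each level. The block size, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
from functools import reduce

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Array capacity using the slide formulas (sizes in any one unit)."""
    if level not in MIN_DISKS:
        raise ValueError(f"no formula on the slides for RAID-{level}")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 0:
        return smallest * n            # striping only, no redundancy
    if level == 1:
        return smallest                # mirroring: 50% with two identical drives
    return smallest * (n - (2 if level == 6 else 1))


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def build_array(data, n_disks, block):
    """Block-level striping with distributed parity; returns a list of disks."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i * block:(i + 1) * block] for i in range(n_disks - 1)]
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                disks[disk].append(xor_blocks(data_blocks))
            else:
                disks[disk].append(next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_data(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(len(disks)):
            if disk != parity_disk_for(stripe, len(disks)):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample: ledger rows for the accounting system"
    array = build_array(sample, n_disks=4, block=8)
    array[2] = rebuild_disk(array, failed=2)       # replace disk 2 after a failure
    print(read_data(array, len(sample)) == sample)
    print(usable_capacity(5, [500, 500, 500, 500]), usable_capacity(6, [500] * 4))
```

Parity covers exactly one missing disk per stripe; a second simultaneous failure leaves the XOR underdetermined, which is the case RAID-6's second parity block addresses.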
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 181
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 182
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
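The three backup techniques listed above differ in what each run copies and in how many media must be read back at restore time. The following added example (not part of the original slides) models one full backup followed by five daily runs; the file names, the change pattern and all function names are constructed for the illustration.

```python
# Constructed sample: four files and the files modified on each of days 1..5.
FILES = ["ledger.db", "payroll.db", "mail.pst", "reports.doc"]
CHANGES = [{"ledger.db"}, {"mail.pst"}, {"ledger.db", "payroll.db"},
           set(), {"reports.doc"}]


def run_schedule(files, changes_by_day, technique):
    """Full backup on day 0, then one backup per day using `technique`.
    Returns (sets, truth). Each set is (day, kind, {file: version}); a file's
    version is the day it was last modified. truth is the final live state."""
    if technique not in ("full", "incremental", "differential"):
        raise ValueError(technique)
    version = {f: 0 for f in files}
    sets = [(0, "full", dict(version))]
    since_full = set()
    for day, changed in enumerate(changes_by_day, start=1):
        for f in changed:
            version[f] = day
        since_full |= changed
        picked = {"full": set(files),                 # everything, every run
                  "incremental": set(changed),        # changed since last backup
                  "differential": set(since_full)}[technique]  # since last full
        sets.append((day, technique, {f: version[f] for f in picked}))
    return sets, version


def restore_chain(sets):
    """Backup sets that must be read, in order, to restore the latest state."""
    last_full = max(i for i, s in enumerate(sets) if s[1] == "full")
    tail = sets[last_full + 1:]
    if tail and tail[-1][1] == "differential":
        tail = tail[-1:]          # only the newest differential is needed
    return [sets[last_full]] + tail


def restore(chain):
    """Apply the sets oldest first; later copies overwrite earlier ones."""
    state = {}
    for _day, _kind, contents in chain:
        state.update(contents)
    return state


def compare(files=FILES, changes=CHANGES):
    """Volume copied and media needed for restore, per technique."""
    report = {}
    for technique in ("full", "incremental", "differential"):
        sets, truth = run_schedule(files, changes, technique)
        chain = restore_chain(sets)
        report[technique] = {"items_copied": sum(len(s[2]) for s in sets),
                             "sets_to_restore": len(chain),
                             "restore_ok": restore(chain) == truth}
    return report


def stale_files(technique, missing_day, files=FILES, changes=CHANGES):
    """Files restored at the wrong version when one day's medium is unreadable."""
    sets, truth = run_schedule(files, changes, technique)
    chain = [s for s in restore_chain(sets) if s[0] != missing_day]
    restored = restore(chain)
    return sorted(f for f in truth if restored.get(f) != truth[f])


if __name__ == "__main__":
    for name, row in compare().items():
        print(name, row)
    print("incremental, day 3 medium lost:", stale_files("incremental", 3))
    print("differential, day 3 medium lost:", stale_files("differential", 3))
```

The incremental schedule copies the least but depends on every medium since the last full backup, which is why the labeling, retention and retrieval questions on the following slides matter most for that technique.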
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended uses: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
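The striping and parity techniques summarised on the RAID slides, worked through in Python as an added example (not part of the original slides): a constructed 100 KiB file is striped in 16 KiB blocks across four drives with rotating XOR parity, one drive is lost, and its contents are rebuilt from the survivors. The parity rotation order, the function names and the sample data are assumptions made for the illustration; the capacity function uses the array-capacity formulas and minimum disk counts given on the slides.

```python
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe size, as in the slides' illustrations


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(row, n_drives):
    """Distributed parity: the parity block sits on a different drive each row
    (rotation order chosen for this example)."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives=4, stripe=STRIPE):
    """Stripe data in blocks across the drives, adding one parity block per row.
    Returns a list of drives; each drive is a list of blocks."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_drives - 1) * stripe
    data = data + b"\x00" * (-len(data) % row_bytes)  # pad the final row
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(row, n_drives)
            drives[d].append(parity if is_parity else next(remaining))
    return drives


def raid5_rebuild(drives, failed):
    """Recreate the failed drive: each missing block is the XOR of the blocks
    in the same row on all surviving drives (data and parity alike)."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates only one failed drive")
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    n_drives = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_drive_for(row, n_drives):
                out += drives[d][row]
    return bytes(out[:length])


def array_capacity(level, drive_sizes):
    """Usable capacity per the slides: smallest drive * (no. of drives - k)."""
    parity_drives = {"RAID-3": 1, "RAID-4": 1, "RAID-5": 1, "RAID-6": 2}[level]
    minimum = {"RAID-3": 3, "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}[level]
    if len(drive_sizes) < minimum:
        raise ValueError(f"{level} needs a minimum of {minimum} hard disks")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    data = bytes(i % 251 for i in range(100 * 1024))  # constructed 100 KiB file
    drives = raid5_write(data)
    lost = drives[2]
    drives[2] = None                                  # one disk fails
    drives[2] = raid5_rebuild(drives, failed=2)
    return drives[2] == lost and raid5_read(drives, len(data)) == data


if __name__ == "__main__":
    print("rebuilt drive matches and data reads back intact:", demo())
    print("RAID-5, 4 x 500 GB usable:", array_capacity("RAID-5", [500] * 4))
```

A second simultaneous drive failure makes `raid5_rebuild` raise, which is the limit of single parity; RAID-6 on the following slide adds a second parity block to cover that case.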
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other
financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB. Notice that the files are evenly
spread between three drives, with the fourth
containing parity information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB in
size; the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB. Notice that as with RAID 3, the
files are evenly spread between three drives, with the
fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
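The parity and block-level striping described on the RAID slides can be shown in a few lines. This is an added example, not part of the original deck; the function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed parity (added example)."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as on the slides: smallest drive * (no. of drives - parity).
    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, stripe):
    """Stripe data over n_disks, moving the parity block to a different disk
    on every row. Returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = stripe * (n_disks - 1)
    data = data + bytes(-len(data) % per_row)  # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), per_row)):
        chunks = [data[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks  # assumed rotation order
        pending = iter(chunks)
        for d in range(n_disks):
            block = xor_blocks(chunks) if d == parity_disk else next(pending)
            disks[d].append(block)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.
    Works for data and parity blocks alike, because each row XORs to zero."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n_disks - 1 - row) % n_disks
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample data standing in for a critical application file.
    payload = b"ledger-entry-0001;ledger-entry-0002;"
    array = write_raid5(payload, n_disks=4, stripe=4)

    lost = 2                                  # simulate one drive failure
    replacement = rebuild_disk(array, lost)
    print("rebuilt disk matches:", replacement == array[lost])
    array[lost] = replacement
    print("data intact:", read_raid5(array, len(payload)) == payload)
    print("usable capacity (GB):", usable_capacity([500, 500, 250, 500]))
```

A second simultaneous drive failure cannot be rebuilt this way, which is why the single-parity levels tolerate exactly one failed disk.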
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
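The parity technique and the array-capacity figures from the RAID slides above, as an added Python example (not part of the original presentation): data is striped in blocks across the drives with rotating XOR parity as in RAID-5, one drive is lost, and its contents are rebuilt from the survivors. Function names, block size and the sample data are assumptions made for the illustration; RAID-6's second parity is covered only by the capacity formula.

```python
from functools import reduce

# Minimum disk counts and parity overhead as listed on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
PARITY_DRIVES = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    n = len(drive_sizes)
    if level not in MIN_DRIVES:
        raise ValueError(f"RAID-{level} is not modelled here")
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    smallest = min(drive_sizes)
    if level == 1:                      # mirroring: 50% storage efficiency
        return smallest
    return smallest * (n - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_position(stripe_index, n_drives):
    """Distributed parity: the parity block moves to a different drive each stripe."""
    return (n_drives - 1 - stripe_index) % n_drives


def stripe_raid5(data, n_drives, block_size):
    """Block-level striping with distributed parity; returns one block list per drive."""
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + bytes(-len(data) % stripe_bytes)   # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s, off in enumerate(range(0, len(padded), stripe_bytes)):
        chunk = padded[off:off + stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        remaining = iter(blocks)
        for d in range(n_drives):
            if d == parity_position(s, n_drives):
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(remaining))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of the failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_position(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def demo():
    """Lose drive 2 of a four-disk array and rebuild it from parity."""
    data = b"CONSTRUCTED SAMPLE: ledger batch 0001, accounts payable, 42 rows"
    drives = stripe_raid5(data, n_drives=4, block_size=8)
    lost = drives[2]
    drives[2] = None                    # simulated disk failure
    drives[2] = rebuild_drive(drives, failed=2)
    return drives[2] == lost and read_raid5(drives, len(data)) == data


if __name__ == "__main__":
    print("rebuilt correctly:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB:", usable_capacity(6, [500] * 4), "GB")
```

A second simultaneous failure makes `rebuild_drive` raise, which is the practical difference between the "good" fault tolerance of RAID-5 and the dual parity of RAID-6.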
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
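Added example (not part of the original slides): the parity technique and the RAID-5 layout described above, as a small Python model of block-level striping with distributed XOR parity. It rebuilds one failed disk, shows that a second failure cannot be rebuilt, and includes a parity scrub. The 4-byte stripe unit, the function names and the sample record are assumptions made for illustration.

```python
"""Added example: block-level striping with distributed XOR parity (RAID-5 style)."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed toy value (the slides use 16 kiB)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_array(data, n_disks):
    """Stripe data across n_disks, rotating the parity block from row to row."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    row_bytes = (n_disks - 1) * STRIPE_UNIT  # data bytes per stripe row
    padded = data + b"\x00" * (-len(data) % row_bytes)
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunk = padded[offset:offset + row_bytes]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, row_bytes, STRIPE_UNIT)]
        parity_disk = (n_disks - 1 - row) % n_disks
        blocks.insert(parity_disk, xor_blocks(blocks))  # parity of the data blocks
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot rebuild")
    # Data XOR parity is zero per row, so the missing block is the XOR of the rest.
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original data, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n_disks - 1 - row) % n_disks
        for i in range(n_disks):
            if i != parity_disk:
                out += disks[i][row]
    return bytes(out[:length])


def scrub(disks):
    """Return stripe rows whose blocks no longer XOR to zero (inconsistent parity)."""
    zero = bytes(STRIPE_UNIT)
    return [r for r, row in enumerate(zip(*disks)) if xor_blocks(row) != zero]


def demo():
    """Fail one disk and rebuild it, then fail two disks and observe the limit."""
    data = b"CONSTRUCTED LEDGER RECORD 0001; AMOUNT=1250.00"  # constructed sample
    disks = write_array(data, 4)
    lost = disks[2]
    disks[2] = None                    # simulate failure of disk 2
    disks[2] = rebuild(disks, 2)
    recovered = read_array(disks, len(data)) == data and disks[2] == lost
    disks[0] = disks[1] = None         # simulate two simultaneous failures
    try:
        rebuild(disks, 0)
        double_failure_detected = False
    except RuntimeError:
        double_failure_detected = True
    return recovered, double_failure_detected


if __name__ == "__main__":
    print(demo())
```

A scrub only reports that a stripe row is inconsistent; with single parity it cannot tell which block in the row is the damaged one, which is why backups remain necessary alongside RAID.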
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 186
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
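The parity slide and the RAID-5 characteristics above, worked through as an added example (not part of the original deck): data is striped across the disks with one rotating XOR parity block per row, a failed disk is rebuilt from the survivors, and usable capacity follows the slides' "size of smallest drive*(no. of drives-1)" rule. The function names, the 16-byte stripe, the parity rotation order, the sample bytes and the treatment of mixed-size drives in RAID-0 are assumptions made for illustration.

```python
from functools import reduce

# Constructed sample payload (155 bytes), standing in for application data.
SAMPLE = b"constructed ledger record 0001;" * 5


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Rotate the parity block across the disks, one position per stripe row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Block-level striping with distributed parity; returns one block list per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[offset + i * stripe: offset + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        pending = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(pending))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the surviving disks.

    Works for data and parity blocks alike, because the XOR of all blocks in a
    row is zero. A second simultaneous failure leaves nothing to XOR against.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Usable capacity per the slides, in the same unit as drive_sizes."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    if level == 0 and n >= 2:
        # Assumption: each member contributes only the smallest drive's size.
        return smallest * n
    if level == 1 and n == 2:
        return smallest                      # 50% efficiency, exactly 2 disks
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)            # one drive's worth goes to parity
    raise ValueError("unsupported level or drive count for this example")


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, stripe=16)
    array[2] = raid5_rebuild(array, failed=2)   # replace disk 2 after a failure
    print(raid5_read(array, len(SAMPLE)) == SAMPLE)
    print(usable_capacity(5, [500, 400, 500, 500]))
```
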
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 187
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is the assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability (C), Measure of Risk D (A+B+C), Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit the consequences of a malicious cyber incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
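The capacity figures and the parity technique from the RAID slides above, worked through as an added example that is not part of the original deck: `usable_capacity` applies the slides' minimum-disk counts and array-capacity formulas, and `make_stripe` / `rebuild` show single XOR parity as used by RAID-3/4/5, including the two-drive failure it cannot survive. All function names, drive sizes and the sample record are constructed for illustration; the RAID-0 figure for unequal drives (smallest drive times number of drives) is an assumption, since the slides only cover identical drives.

```python
"""RAID capacity and single-parity rebuild, following the RAID slides.

Added illustration: names and sample data are constructed, not from the deck.
"""

# level -> (minimum disks, maximum disks or None, drives' worth of redundancy)
# Minimum disk counts and capacity formulas are the ones listed on the slides.
RAID_LEVELS = {
    "RAID-0": (2, None, 0),  # striping without parity, no redundancy
    "RAID-1": (2, 2, 1),     # mirroring, exactly 2 disks
    "RAID-3": (3, None, 1),  # byte-level striping, dedicated parity
    "RAID-4": (3, None, 1),  # block-level striping, dedicated parity
    "RAID-5": (3, None, 1),  # block-level striping, distributed parity
    "RAID-6": (4, None, 2),  # block-level striping, dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes."""
    min_disks, max_disks, redundancy = RAID_LEVELS[level]
    n = len(drive_sizes)
    if n < min_disks or (max_disks is not None and n > max_disks):
        raise ValueError(f"{level} cannot be built from {n} disk(s)")
    # Size of smallest drive * (no. of drives - redundancy), as on the slides.
    # Assumption: the same rule is applied to RAID-0 with unequal drives.
    return min(drive_sizes) * (n - redundancy)


def storage_efficiency(level, drive_sizes):
    """Fraction of raw disk space that remains usable."""
    return usable_capacity(level, drive_sizes) / sum(drive_sizes)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, position by position."""
    if not blocks or any(len(b) != len(blocks[0]) for b in blocks):
        raise ValueError("need one or more blocks of equal length")
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def make_stripe(data, data_disks, unit):
    """Split data into data_disks units of `unit` bytes plus one parity unit."""
    if len(data) > data_disks * unit:
        raise ValueError("data does not fit in one stripe")
    padded = data.ljust(data_disks * unit, b"\x00")
    units = [padded[i * unit:(i + 1) * unit] for i in range(data_disks)]
    return units + [xor_blocks(units)]  # parity is the last member here


def rebuild(stripe):
    """Rebuild a stripe in which failed members are marked as None."""
    missing = [i for i, unit in enumerate(stripe) if unit is None]
    if len(missing) > 1:
        # Single parity carries enough redundancy for one failed member only.
        raise ValueError(f"{len(missing)} members lost, single parity covers 1")
    repaired = list(stripe)
    if missing:
        survivors = [unit for unit in stripe if unit is not None]
        # XOR of everything that survived equals the member that was lost,
        # whether that member held data or the parity itself.
        repaired[missing[0]] = xor_blocks(survivors)
    return repaired


if __name__ == "__main__":
    for level in RAID_LEVELS:
        sizes = [500, 500] if level in ("RAID-0", "RAID-1") else [500] * 4
        print(level, sizes, "->", usable_capacity(level, sizes), "GB usable,",
              f"{storage_efficiency(level, sizes):.0%} efficient")

    stripe = make_stripe(b"ledger rows 0001-0042", data_disks=3, unit=8)
    failed = list(stripe)
    failed[1] = None  # constructed failure of the second data drive
    print("rebuilt unit:", rebuild(failed)[1])
```
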
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 188
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource              | Outage Impact                                | Allowable Outage Time
Authentication Server | User could not access Inventory System       | 8 hours
Database Server       | User could not access Inventory System       | 8 hours
E-mail Server         | User could not send e-mail                   | 2 days
5 Desktop Computers   | User could not access Inventory System       | 8 hours
Hub                   | User could not access Inventory System       | 8 hours
Network Cabling       | User could not access Inventory System       | 8 hours
Electric Power        | User could not access Inventory System       | 8 hours
Printer               | User could not produce Inventory Reports     | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
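The parity and striping techniques described in the RAID slides above, worked through as an added example (not part of the original slides): block-level striping with distributed parity, rebuilding a failed disk from the survivors, and the array-capacity formula. XOR as the parity function, the 4-byte stripe unit, the function names and the sample data are assumptions made for this example.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed small value (the slides' figures use 16 kiB)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_array(data, n_disks):
    """Stripe data over n_disks, rotating the parity block on every stripe."""
    if n_disks < 3:
        raise ValueError("striping with parity needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity = xor_blocks(blocks)
        parity_disk = (n_disks - 1 - stripe_no) % n_disks
        remaining = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(remaining))
    return disks


def rebuild(disks):
    """Recreate one failed disk (marked None) by XOR-ing the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover from two failed disks")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    restored = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [restored if d is None else d for d in disks]


def read_array(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_disk = (n_disks - 1 - stripe_no) % n_disks
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][stripe_no]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"constructed sample: inventory ledger 0001-0042"
    array = write_array(record, n_disks=4)
    array[2] = None                      # simulate the loss of one drive
    array = rebuild(array)
    print(read_array(array, len(record)) == record)
    print(usable_capacity([500, 500, 500, 500]))                   # single parity
    print(usable_capacity([500, 500, 500, 500], parity_drives=2))  # dual parity
```

With a second drive lost before the rebuild finishes, `rebuild` raises instead of returning data, which is the gap that dual distributed parity closes at the cost of one more drive's capacity.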
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Cell values (row alignment not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
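The parity technique behind the RAID-3/4/5 slides above, as an added example that is not part of the original deck: data is striped in blocks, one parity block per stripe rotates across the disks, and a lost disk is rebuilt from the survivors. It assumes XOR parity (the slides only say parity is calculated from the data values); all function names and the sample data are constructed for illustration.

```python
"""RAID-5 style striping with rotating XOR parity (illustrative sketch)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to another disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, unit):
    """Split data into stripe units over n_disks, one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[offset + i * unit: offset + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity_at = parity_disk_for(stripe, n_disks)
        data_blocks = iter(chunks)
        for disk in range(n_disks):
            block = xor_blocks(chunks) if disk == parity_at else next(data_blocks)
            disks[disk].append(block)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one lost disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_at = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_at:
                out += disks[disk][stripe]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Fail each disk of a four-disk array in turn and check the data survives."""
    record = b"ledger entry: debit 500.00, credit 500.00\n" * 5  # constructed data
    disks = raid5_write(record, n_disks=4, unit=16)
    results = []
    for failed in range(4):
        degraded = list(disks)
        degraded[failed] = None                      # simulate the lost drive
        degraded[failed] = rebuild_disk(degraded, failed)
        results.append(raid5_read(degraded, len(record)) == record)
    return results


if __name__ == "__main__":
    print("data intact after each single-disk failure:", demo())
    print("RAID-5 capacity:", array_capacity([500, 500, 400, 500]))
    print("RAID-6 capacity:", array_capacity([500, 500, 400, 500], parity_drives=2))
```

Losing a second disk before the rebuild completes raises an error here, which is the gap the RAID-6 slide's dual parity is meant to close.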
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 190
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
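The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks across the disks, one XOR parity block per stripe rotates between disks, and a failed disk is rebuilt from the survivors. The 4-byte block size, the rotation order of the parity block and the sample payload are constructed for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed (rotating) parity."""
from functools import reduce

BLOCK = 4  # bytes per block; tiny on purpose (assumption, real stripes are kiB-sized)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe: int, n_disks: int) -> int:
    """Disk holding parity for a stripe; it moves one disk left per stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data: bytes, n_disks: int):
    """Return one list of blocks per disk: data striped, parity distributed."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = n_disks - 1                      # data blocks in each stripe
    stripe_bytes = per_stripe * BLOCK
    padded = data + b"\0" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * BLOCK:(i + 1) * BLOCK] for i in range(per_stripe)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(data_iter))
    return disks


def rebuild_disk(disks, failed: int):
    """Recompute every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length: int) -> bytes:
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(s, n_disks):
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 matches RAID-3/4/5; parity_drives=2 matches RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    payload = b"LEDGER:debit=100;credit=100;ok"   # constructed sample data
    array = write_raid5(payload, 4)
    lost = array[1]
    array[1] = None                               # simulate a single disk failure
    array[1] = rebuild_disk(array, failed=1)
    print("rebuilt correctly:", array[1] == lost)
    print("data intact:", read_raid5(array, len(payload)) == payload)
    print("usable GB from 4 x 500 GB:", usable_capacity([500] * 4))
```

A second simultaneous failure leaves two unknown blocks per stripe and only one parity equation, which is why single-parity RAID-5 survives exactly one failed disk.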
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                              Allowable Outage Time
Authentication Server  User could not access Inventory System     8 hours
Database Server        User could not access Inventory System     8 hours
E-mail Server          User could not send e-mail                 2 days
5 Desktop Computers    User could not access Inventory System     8 hours
Hub                    User could not access Inventory System     8 hours
Network Cabling        User could not access Inventory System     8 hours
Electric Power         User could not access Inventory System     8 hours
Printer                User could not produce Inventory Reports   4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
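The parity and capacity rules from the RAID slides above, as an added worked example in Python (not part of the original deck): it applies the slides' "size of smallest drive*(no. of drives-1)" style formulas and rebuilds a failed RAID-5 member from XOR parity. The function names, the parity rotation order, the 16-byte stripe unit and the sample payload are assumptions made for the example.

```python
"""Added example: RAID capacity formulas and XOR parity rebuild (RAID-5 style)."""
from functools import reduce

# Minimum drive counts and parity overhead as quoted on the RAID LEVELS slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
PARITY_DRIVES = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes."""
    n = len(drive_sizes)
    if level not in MIN_DRIVES:
        raise ValueError(f"RAID-{level} is not covered by this example")
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    smallest = min(drive_sizes)
    if level == 1:
        return smallest  # mirror: 50% efficiency with two identical drives
    return smallest * (n - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, unit):
    """Stripe data in blocks over n_drives, one parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs at least 3 drives")
    per_stripe = (n_drives - 1) * unit
    padded = data + b"\0" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        stripe = padded[s * per_stripe:(s + 1) * per_stripe]
        chunks = [stripe[i:i + unit] for i in range(0, per_stripe, unit)]
        data_blocks = iter(chunks)
        for d in range(n_drives):
            if d == parity_drive_for(s, n_drives):
                drives[d].append(xor_blocks(chunks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def raid5_rebuild(drives, failed):
    """Recompute every block of the failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover a second lost drive")
    # Data and parity in a stripe XOR to zero, so the missing block
    # (whichever kind it was) is the XOR of all the others.
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def demo():
    """Lose one of four drives, rebuild it, and confirm the data is intact."""
    data = bytes(range(256)) * 3 + b"ledger-entry"  # constructed sample payload
    drives = raid5_write(data, n_drives=4, unit=16)
    original = drives[2]
    drives[2] = None  # simulate a failed disk
    drives[2] = raid5_rebuild(drives, failed=2)
    return drives[2] == original and raid5_read(drives, len(data)) == data


if __name__ == "__main__":
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4))
    print("RAID-6, 4 x 500 GB usable:", usable_capacity(6, [500] * 4))
    print("rebuild after single failure ok:", demo())
```

A second simultaneous failure raises an error here, which is the case the RAID-6 slide addresses with dual distributed parity.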
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values (row alignment lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
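The parity technique and the RAID level slides above, worked through in Python as an added example that is not part of the original slides: it stripes data in blocks across a four-disk RAID-5 array with distributed parity, rebuilds a failed disk by XOR from the survivors, and applies the capacity figures the slides give for each level. The block size, function names, sample data and the parity rotation order are assumptions chosen for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; a tiny constructed value so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk that holds parity for a stripe (assumed rotation, last disk first)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks):
    """Block-level striping with distributed parity.

    Returns one list of BLOCK-sized byte strings per disk.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * BLOCK            # data bytes per stripe
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, stripe_bytes, BLOCK)]
        parity = xor_blocks(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all other blocks in a stripe yields the missing one, whether the
    missing block held data or parity.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(drive_sizes, level):
    """Array capacity per the slides: based on the smallest drive in the set."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    if level == 0:                       # striping, no redundancy
        return smallest * n
    if level == 1:                       # mirroring, exactly 2 disks
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest
    if level in (3, 4, 5):               # one drive's worth of parity
        return smallest * (n - 1)
    if level == 6:                       # two drives' worth of parity
        return smallest * (n - 2)
    raise ValueError("level not covered by this example")


if __name__ == "__main__":
    sample = b"constructed ledger records for the RAID-5 demo"  # constructed input
    array = raid5_write(sample, 4)
    for number, blocks in enumerate(array):
        print("disk", number, blocks)
    replacement = raid5_rebuild(array, failed=1)
    print("disk 1 rebuilt correctly:", replacement == array[1])
    print("RAID-5 capacity of 500/500/500/400 GB drives:",
          usable_capacity([500, 500, 500, 400], 5), "GB")
```

Rebuilding works for exactly one missing disk per array; with two disks gone the XOR of the survivors no longer determines either missing block, which is the gap the dual parity of RAID-6 closes.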
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 KiB stripe size RAID 0 array. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 KiB stripe size. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 KiB stripe size. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 KiB stripe size. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB.
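An added example, not part of the original slides: a Python sketch of the parity technique and the array-capacity formulas given for the RAID levels above, using the four-disk, 16 KiB layout from the illustrations. It assumes parity is a bytewise XOR (the usual choice for RAID 3/4/5) and an illustrative parity rotation; all function names are hypothetical.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity."""

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation (assumed XOR): combine equal-length blocks bytewise."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas; sizes may be in any single unit."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n          # striping only, no redundancy
    if level == 1 and n == 2:
        return smallest              # mirror: 50% storage efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)    # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)    # dual parity
    raise ValueError("unsupported level or too few drives")


def parity_disk_for(row, n_disks):
    """Rotate the parity chunk across disks, one stripe row at a time."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks, storing one XOR parity chunk per row."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    row_bytes = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [bytearray() for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity_disk = parity_disk_for(row, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d] += xor_blocks(chunks) if d == parity_disk else next(remaining)
    return disks


def rebuild_disk(disks, failed):
    """Recreate one lost disk: XOR of all survivors (data and parity alike)."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return bytearray(xor_blocks(survivors))


def read_raid5(disks, length, unit=STRIPE_UNIT):
    """Read the data back; a single failed disk is passed as None."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("RAID 5 tolerates only one failed disk")
    if missing:
        disks = list(disks)
        disks[missing[0]] = rebuild_disk(disks, missing[0])
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0]) // unit):
        parity_disk = parity_disk_for(row, n)
        for d in range(n):
            if d != parity_disk:
                out += disks[d][row * unit:(row + 1) * unit]
    return bytes(out[:length])


def demo():
    """Constructed sample: the 4, 20, 100 and 500 KiB files from the slides."""
    sizes_kib = {"red": 4, "blue": 20, "green": 100, "magenta": 500}
    data = b"".join(name[:1].encode() * (kib * 1024)
                    for name, kib in sizes_kib.items())
    disks = write_raid5(data, n_disks=4)
    degraded = list(disks)
    degraded[2] = None               # simulate the loss of one drive
    return read_raid5(degraded, len(data)) == data


if __name__ == "__main__":
    print("data intact after single-disk failure:", demo())
    print("RAID 5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

A second simultaneous failure leaves no row with enough chunks to XOR back, which is why the slides rate RAID-6, with its second parity, at a higher fault tolerance.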
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset; Likelihood of Threat Occurrence; Vulnerability; Cost; Measure of Risk; Risk Ranking
Column labels: A, B, C, D (A+B+C), E
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think
about how your business has concentrated people or operational centers
in certain places. You've got to consider if it's the wisest distribution.
We feel we were lucky having some folks in Connecticut and some in Maryland.
Even if we had lost some of our senior management at 1 Liberty Plaza,
we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data protection and continuity
of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
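The RAID-5 slides describe block-level striping with distributed parity on a four-disk array with a 16 kiB stripe size. The sketch below is an added example, not part of the original slides: it stripes constructed files of the illustrated sizes, rebuilds a lost disk by XOR, and applies the slides' array-capacity formula. The parity rotation order, zero-padding of the last stripe, and all function names are assumptions.

```python
"""RAID 5 sketch: block-level striping with distributed (rotating) parity."""

KIB = 1024
STRIPE_UNIT = 16 * KIB  # 16 KiB stripe size, as in the slide's illustration
NUM_DISKS = 4           # four-disk array, as in the slide's illustration


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def xor_blocks(blocks):
    """XOR equal-length byte strings together (the parity operation)."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk_for(stripe_no, num_disks):
    """Assumed layout: parity moves one disk to the left on each new stripe."""
    return (num_disks - 1 - stripe_no) % num_disks


def sample_file(size_kib):
    """Constructed test data standing in for the 4/20/100/500 kiB files."""
    return bytes((i * 31 + size_kib) % 251 for i in range(size_kib * KIB))


def write_raid5(data, num_disks=NUM_DISKS, unit=STRIPE_UNIT):
    """Stripe data over num_disks; returns one list of stripe units per disk."""
    per_stripe = (num_disks - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(num_disks)]
    for stripe_no, off in enumerate(range(0, len(padded), per_stripe)):
        units = [padded[off + i * unit: off + (i + 1) * unit]
                 for i in range(num_disks - 1)]
        parity = xor_blocks(units)
        p = parity_disk_for(stripe_no, num_disks)
        data_units = iter(units)
        for d in range(num_disks):
            disks[d].append(parity if d == p else next(data_units))
    return disks


def read_raid5(disks, length, failed=()):
    """Reassemble the data; a single failed disk is rebuilt stripe by stripe."""
    failed = set(failed)
    if len(failed) > 1:
        raise ValueError("RAID 5 cannot rebuild more than one failed disk")
    num_disks = len(disks)
    lost = next(iter(failed), None)
    survivor = 0 if lost != 0 else 1
    out = bytearray()
    for stripe_no in range(len(disks[survivor])):
        row = [None if d == lost else disks[d][stripe_no]
               for d in range(num_disks)]
        if lost is not None:
            # Missing unit = XOR of every surviving unit in the same stripe.
            row[lost] = xor_blocks([u for u in row if u is not None])
        p = parity_disk_for(stripe_no, num_disks)
        out += b"".join(u for d, u in enumerate(row) if d != p)
    return bytes(out[:length])


if __name__ == "__main__":
    for size_kib in (4, 20, 100, 500):
        original = sample_file(size_kib)
        array = write_raid5(original)
        damaged = list(array)
        damaged[2] = None  # simulate losing disk 2 entirely
        ok = read_raid5(damaged, len(original), failed={2}) == original
        print(f"{size_kib:>3} kiB file: {len(array[0])} stripe(s), "
              f"recovered after disk loss: {ok}")
    print("usable capacity, 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the slides; the XOR rebuild shown here covers only the single-parity case.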
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 195
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
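An added example, not part of the original slides: it works through the parity slide and the "Array Capacity" lines of the RAID-0/1/3/4/5/6 slides by striping a buffer across drives with rotating XOR parity, rebuilding a failed drive from the survivors, and computing usable capacity. All function names, the parity rotation order and the sample data are assumptions of this example; real controllers use their own layouts.

```python
"""Block striping with rotating XOR parity (RAID-5 style) and the
capacity rules quoted on the slides. Function names, rotation order
and sample data are assumptions of this example."""

MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}  # minimums from the slides
SAMPLE = bytes(range(100))                         # constructed test data


def usable_capacity(level, drive_sizes):
    """Usable capacity, in the same unit as drive_sizes."""
    n = len(drive_sizes)
    if level not in MIN_DISKS:
        raise ValueError(f"RAID-{level} is not covered by this example")
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    smallest = min(drive_sizes)
    if level == 0:
        return smallest * n          # striping only: no redundancy
    if level == 1:
        return smallest              # mirrored pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equal-length blocks."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def parity_drive(row, n_drives):
    """Drive holding parity for a stripe row (assumed rotation order)."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, stripe):
    """Return one list of blocks per drive, parity rotated across drives."""
    if n_drives < 3:
        raise ValueError("distributed parity needs at least 3 drives")
    row_bytes = stripe * (n_drives - 1)
    padded = data + b"\0" * (-len(data) % row_bytes)   # zero-fill last row
    drives = [[] for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        data_iter = iter(chunks)
        p = parity_drive(row, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(data_iter))
    return drives


def raid5_rebuild(drives):
    """Rebuild the single drive marked None from the surviving drives."""
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    survivors = [d for d in drives if d is not None]
    # XOR of every surviving block in a row yields the lost block,
    # whether that block held data or parity.
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4, stripe=16)
    lost = array[2]
    array[2] = None                      # simulate a failed drive
    array[2] = raid5_rebuild(array)
    print("rebuilt drive matches:", array[2] == lost)
    print("data intact:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("RAID-5 usable, 4 x 500:", usable_capacity(5, [500] * 4))
```

A second simultaneous failure makes `raid5_rebuild` raise, which is the gap that the dual parity of RAID-6 and regular off-site backups are meant to cover.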
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
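The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: data is striped in blocks across four disks with the parity block rotating per stripe, one failed disk is rebuilt from the survivors, and the slides' capacity formula is applied. The rotation order, function names and sample bytes are assumptions chosen for illustration.

```python
from functools import reduce

# Constructed sample data for the demonstration (not from the slides).
SAMPLE = b"constructed payroll batch 0001: 42 records, total 150000.00"


def xor_blocks(blocks):
    """Bytewise XOR of equal-length blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk per stripe.
    The rotation order used here is an assumption; real controllers differ."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, block_size=4):
    """Split data into stripes of n_disks-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        pending = iter(blocks)
        parity_at = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            disks[disk].append(xor_blocks(blocks) if disk == parity_at else next(pending))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    for stripe, blocks in enumerate(zip(*disks)):
        parity_at = parity_disk_for(stripe, len(disks))
        for disk, block in enumerate(blocks):
            if disk != parity_at:
                out += block
    return bytes(out[:length])


def raid5_rebuild(disks):
    """Rebuild a single failed disk (marked None) by XOR-ing the survivors.
    Two failures exceed RAID-5's fault tolerance: the backup media are needed."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates one failed disk; restore from backup")
    if not failed:
        return disks
    survivors = [disk for disk in disks if disk is not None]
    rebuilt = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return [rebuilt if disk is None else disk for disk in disks]


def inconsistent_stripes(disks):
    """Stripes whose blocks no longer XOR to zero. Parity shows that a stripe
    is damaged, but not which block in it is wrong."""
    return [s for s, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 for RAID-3/4/5, parity_drives=2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = raid5_write(SAMPLE)
    degraded = [None if i == 2 else disk for i, disk in enumerate(array)]
    print("rebuilt disk 2 matches:", raid5_rebuild(degraded) == array)
    print("data after rebuild:", raid5_read(raid5_rebuild(degraded), len(SAMPLE)))
    print("usable GB, 4 x 500 GB RAID-5:", usable_capacity([500] * 4))
```

A clean rebuild only covers a single-disk failure; the error raised on a second failure is the case the backup and off-site storage slides exist for.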
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 197
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
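Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Table values in extracted order (row and column positions not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings shown: High, Moderate, Very High, Low, Very Low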
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
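The outage-impact table and the recovery-priority table can be derived from one BIA worksheet. The Python below is an added example, not part of the original slides: it gives each resource the tightest allowable outage time of any process that depends on it, then buckets resources into recovery priorities. The dependency map, the unit counts, the one-day and one-week thresholds and all function names are assumptions chosen to reproduce the slide's Inventory System example.

```python
"""BIA worksheet: derive allowable outage times and recovery priorities."""
from dataclasses import dataclass

DAY = 24  # hours


@dataclass(frozen=True)
class Process:
    name: str
    impact: str               # business impact while the process is down
    allowable_outage_h: int   # longest outage the business tolerates, in hours
    depends_on: tuple         # resources the process cannot run without


# Constructed sample data modelled on the slides' Inventory System example.
PROCESSES = [
    Process("Inventory access", "User could not access Inventory System", 8,
            ("Authentication Server", "Database Server", "Desktop Computers",
             "Hub", "Network Cabling", "Electric Power")),
    Process("E-mail", "User could not send e-mail", 2 * DAY,
            ("E-mail Server", "Hub", "Network Cabling", "Electric Power")),
    Process("Inventory reporting", "User could not produce Inventory Reports",
            4 * DAY, ("Printer", "Database Server", "Electric Power")),
]

# Assumption: (units installed, minimum units needed for critical processes).
UNITS = {"Desktop Computers": (50, 5), "Hub": (6, 1)}


def allowable_outage(processes):
    """Map each resource to the tightest outage window of any process using it."""
    worst = {}
    for proc in processes:
        for res in proc.depends_on:
            if res not in worst or proc.allowable_outage_h < worst[res][0]:
                worst[res] = (proc.allowable_outage_h, proc.impact)
    return worst


def priority(hours):
    """Assumed thresholds: within a day is High, within a week is Medium."""
    if hours <= DAY:
        return "High"
    if hours <= 7 * DAY:
        return "Medium"
    return "Low"


def recovery_plan(processes, units):
    """Return [(resource label, priority, allowable outage in hours)], most urgent first."""
    rows = []
    for res, (hours, _impact) in allowable_outage(processes).items():
        installed, needed = units.get(res, (1, 1))
        if installed > needed:
            # Only the minimum set inherits the process's urgency; spares wait.
            rows.append((f"{needed} {res}", priority(hours), hours))
            rows.append((f"Remaining {res} ({installed - needed})", "Low", None))
        else:
            rows.append((res, priority(hours), hours))
    rank = {"High": 0, "Medium": 1, "Low": 2}
    # Sort by priority, then by tightest window; spares (None) sort last.
    rows.sort(key=lambda r: (rank[r[1]],
                             r[2] if r[2] is not None else float("inf")))
    return rows


if __name__ == "__main__":
    for label, prio, hours in recovery_plan(PROCESSES, UNITS):
        window = f"{hours} h" if hours is not None else "-"
        print(f"{label:<34} {prio:<7} {window}")
```

Shared resources such as the hub and electric power take the 8-hour window of the most urgent process they support, which is why they rank High even though e-mail alone could wait two days.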
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
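The striping and parity techniques defined on the slides above, worked through as an added example that is not part of the original deck: block-level striping with distributed XOR parity, the rebuild of one failed disk, and the array-capacity formulas from the RAID level slides. The function names, the 4-byte stripe unit and the sample data are assumptions made for the illustration.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed and tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks):
    """Stripe data in blocks over n_disks, adding one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("striping with parity needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        remaining = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                disks[d].append(xor_blocks(blocks))   # redundancy information
            else:
                disks[d].append(next(remaining))      # actual data
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the RAID level slides (sizes in any one unit)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("RAID level not covered by this example")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    if level == 0:
        return smallest * n          # no redundancy: 100% if drives identical
    if level == 1:
        return smallest              # mirroring: 50% if drives identical
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def demo():
    """Fail one disk of a four-disk array, rebuild it, and verify the data."""
    data = b"constructed ledger rows: debit=100 credit=100"  # constructed sample
    disks = write_array(data, 4)
    original = disks[2]
    disks[2] = None                           # simulate the failed drive
    disks[2] = rebuild_disk(disks, 2)
    return disks[2] == original and read_array(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

The rebuild works for any single disk because each stripe's blocks, parity included, XOR to zero; a second failure leaves two unknowns per stripe, which is the gap the dual parity of RAID-6 covers.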
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 198
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
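How the striping, parity and array-capacity points on the RAID slides above fit together, as an added example that is not part of the original presentation: a toy RAID-5 style array that stripes blocks with rotating parity, rebuilds a failed disk from the survivors, and applies the capacity formulas quoted on the slides. XOR as the parity function, the 4-byte block size, the function names and the sample data are assumptions made for the illustration.

```python
"""Toy model of block striping with distributed parity (RAID-5 style).

Added illustration, not code from the presentation. XOR is assumed as the
parity function; block size, function names and sample data are constructed.
"""
from functools import reduce

BLOCK = 4  # bytes per block (constructed; real arrays use KiB-sized stripes)

# (minimum disks, disks' worth of space spent on redundancy) per RAID level,
# taken from the "Minimum ... hard disks" and "Array Capacity" slide entries.
LEVELS = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_position(stripe_no, n_disks):
    """Disk holding parity for a stripe. Rotating it per stripe is what makes
    the parity 'distributed'; dedicated parity would always use one disk."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < LEVELS[5][0]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        # Parity is computed from the data blocks, then slotted into place.
        blocks.insert(parity_position(s, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    XOR of all other blocks in a stripe yields the missing one, whether it
    was a data block or the parity block.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the data, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s, stripe in enumerate(zip(*disks)):
        skip = parity_position(s, n)
        out += b"".join(b for i, b in enumerate(stripe) if i != skip)
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - overhead)."""
    n = len(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return min(drive_sizes)  # 50% efficiency when drives are identical
    min_disks, overhead = LEVELS[level]
    if n < min_disks:
        raise ValueError(f"RAID-{level} needs at least {min_disks} disks")
    return min(drive_sizes) * (n - overhead)


def demo():
    """Lose one disk of a four-disk array, rebuild it, read the data back."""
    data = b"INVENTORY-DB: constructed sample record 0001"  # constructed
    disks = write_raid5(data, n_disks=4)
    original = disks[2]
    disks[2] = None                      # simulate a single-disk failure
    disks[2] = rebuild_disk(disks, 2)    # rebuild onto a replacement disk
    return disks[2] == original and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity(6, [500] * 4), "GB")
```

Single parity recovers exactly one missing block per stripe; a second failure before the rebuild completes cannot be reconstructed this way, which is the case the dual parity of RAID-6 addresses at the cost of one more disk of capacity.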
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 199
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
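Added example (not part of the original presentation): the parity technique and the array-capacity formulas from the RAID slides above, worked through in Python. It stripes a constructed byte string over a RAID-5 style array, rebuilds a failed disk by XOR, and computes usable capacity per level; the function names, the parity rotation order and the sample data are assumptions made for illustration, and RAID-6 is covered for capacity only.

```python
from functools import reduce

# Constructed sample data standing in for critical business records.
SAMPLE = b"constructed ledger records for the recovery drill | " * 3


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to another disk each stripe.
    The rotation order used here is an assumption; controllers differ."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity.
    Returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.
    Data XOR parity is zero per stripe, so the missing block is the XOR
    of all the others, whether it held data or parity."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


# level: (minimum disks, drives' worth of space given up to redundancy),
# following the figures on the slides.
RAID_RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - overhead)."""
    n_drives, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n_drives != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest  # 50% storage efficiency
    minimum, overhead = RAID_RULES[level]
    if n_drives < minimum:
        raise ValueError(f"RAID-{level} needs at least {minimum} hard disks")
    # For RAID-0 with unequal drives, using the smallest drive is an assumption.
    return smallest * (n_drives - overhead)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block_size=8)
    lost = 2
    rebuilt = raid5_rebuild(array, lost)
    print("disk", lost, "rebuilt correctly:", rebuilt == array[lost])
    for level, sizes in [(0, [500] * 4), (1, [500] * 2),
                         (5, [500, 500, 500, 400]), (6, [500] * 4)]:
        print(f"RAID-{level} on {sizes} GB drives ->",
              usable_capacity(level, sizes), "GB usable")
```

A single-parity array survives the loss of any one disk only; with two disks missing, the XOR of the survivors yields the XOR of the two lost blocks rather than either block.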
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
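The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): a toy in-memory model of block-level striping with distributed XOR parity that rebuilds a failed drive and applies the slides' array-capacity formula. The 4-byte stripe unit, the parity rotation order, the function names and the sample data are assumptions chosen for readability.

```python
"""Toy RAID-5 model: block striping, distributed XOR parity, single-drive rebuild."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block (assumed small value so the layout is easy to inspect)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(stripe_no, n_drives):
    """Drive holding the parity block for a stripe (assumed rotation order)."""
    return (n_drives - 1 - stripe_no) % n_drives


def write_raid5(data, n_drives, unit=STRIPE_UNIT):
    """Stripe data over n_drives; each stripe stores n-1 data blocks plus 1 parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    drives = [[] for _ in range(n_drives)]
    per_stripe = unit * (n_drives - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    for stripe_no, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            is_parity = d == parity_position(stripe_no, n_drives)
            drives[d].append(parity if is_parity else next(data_blocks))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive by XOR-ing the survivors.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe (data plus parity) is always zero.
    """
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping the parity block in each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for stripe_no in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_position(stripe_no, n_drives):
                out += drives[d][stripe_no]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"INVENTORY-LEDGER-2024-Q1"  # constructed sample data
    array = write_raid5(sample, n_drives=4)
    for number, blocks in enumerate(array):
        print(f"drive {number}: {[b.hex() for b in blocks]}")

    # Simulate losing drive 1, then rebuild it from the other three.
    lost = array[1]
    array[1] = rebuild_drive(array, failed=1)
    print("rebuild matches lost drive:", array[1] == lost)
    print("data after rebuild:", read_raid5(array, len(sample)))

    # Capacity per the slides: four 500 GB drives (constructed sizes).
    print("RAID-5 usable GB:", usable_capacity([500] * 4))
    print("RAID-6 usable GB:", usable_capacity([500] * 4, parity_drives=2))
```

A second simultaneous drive failure cannot be rebuilt this way, which is the gap the dual distributed parity of RAID-6 closes at the cost of one more drive of capacity.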
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                  Allowable Outage Time
Authentication Server   User could not access Inventory System         8 hours
Database Server         User could not access Inventory System         8 hours
E-mail Server           User could not send e-mail                     2 days
5 Desktop Computers     User could not access Inventory System         8 hours
Hub                     User could not access Inventory System         8 hours
Network Cabling         User could not access Inventory System         8 hours
Electric Power          User could not access Inventory System         8 hours
Printer                 User could not produce Inventory Reports       4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High; Moderate; Very High; Low; Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other
financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
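The parity and capacity rules from the RAID slides above, worked through as an added example (not part of the original slides): a four-disk array with a 16 kiB stripe size stores a constructed 100 kiB file, loses one disk and rebuilds it from the survivors. XOR as the parity function and the way parity rotates between disks are assumptions; the slides only say that parity is calculated from the actual data values.

```python
"""RAID 5 in miniature: block-level striping with distributed parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks together (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - 1); pass parity_drives=2 for dual parity."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; every row holds n_disks-1 data units plus one parity unit."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    disks = [[] for _ in range(n_disks)]
    per_row = (n_disks - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_row)  # zero-fill the last row
    for row, off in enumerate(range(0, len(padded), per_row)):
        units = [padded[off + i * unit: off + (i + 1) * unit] for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        parity_disk = (n_disks - 1 - row) % n_disks  # assumed rotation: parity moves each row
        remaining = iter(units)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate a failed disk by XOR-ing the surviving disks row by row."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length, unit=STRIPE_UNIT):
    """Reassemble the data units in write order, skipping each row's parity unit."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n_disks - 1 - row) % n_disks
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    # Constructed sample input: a 100 kiB "file" with a repeating byte pattern.
    data = bytes((i * 31 + 7) % 256 for i in range(100 * 1024))
    disks = write_raid5(data, n_disks=4)
    original = disks[2]
    disks[2] = rebuild_disk(disks, failed=2)  # only the three survivors are read
    return {
        "rows": len(disks[0]),
        "rebuilt_ok": disks[2] == original,
        "data_ok": read_raid5(disks, len(data)) == data,
        # Constructed drive sizes in GB: the smallest drive limits the whole array.
        "usable_gb": array_capacity([500, 500, 400, 500]),
    }


if __name__ == "__main__":
    print(demo())
```

A second simultaneous disk failure leaves each row with two unknown units and one parity equation, which is why single parity tolerates only one failed disk.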
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
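Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Cell values as extracted (row and column alignment lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking values: High, Moderate, Very High, Low, Very Low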
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
the high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
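The parity technique and the RAID-5 capacity rule from the slides above, as an added example that is not part of the original deck: a Python sketch of block-level striping with distributed parity that loses one disk and rebuilds it. It assumes parity is computed as bytewise XOR (the usual choice for single-parity RAID); the function names, the 4-byte block size and the sample payload are constructed for illustration.

```python
"""Added example: RAID-5 style striping with distributed XOR parity."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed and tiny for readability
SAMPLE = b"ledger: constructed sample record 0001"  # constructed payload


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity per the slide: smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across disks so no single disk holds all parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, block=BLOCK):
    """Stripe data over n_disks; each stripe gets one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute a failed disk by XOR-ing the surviving disks, stripe by stripe.

    Works whether the lost block held data or parity. A second failed disk
    (marked None) cannot be recovered with single parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Write SAMPLE to 4 disks, fail disk 2, rebuild it, and read the data back."""
    disks = write_array(SAMPLE, 4)
    disks[2] = None                      # simulated disk failure
    disks[2] = rebuild_disk(disks, 2)    # rebuild from the three survivors
    return read_array(disks, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    print("data intact after rebuild:", demo())
```

The rebuild succeeds for exactly one failed disk; a second failure before the rebuild completes raises an error, which is the limit RAID-6's dual parity addresses.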
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
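Added example (not part of the original slides): the striping, parity and array-capacity rules from the RAID slides above, run on in-memory "disks", including the rebuild of one failed drive. The function names, the constructed 100 KiB payload, the assumption that a file starts on disk 0, and the left-rotating parity placement are illustrative assumptions; real controllers differ in layout.

```python
"""RAID striping, XOR parity and rebuild on in-memory 'disks' (constructed data)."""
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe unit, the size used in the slide illustrations


def usable_capacity(level, drive_sizes):
    """Array capacity as the slides give it: smallest drive * (drives - redundant drives)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError(f"RAID-{level} is not modelled here")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    redundant = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest * (n - redundant)


def raid0_bytes_per_disk(file_size, n_disks, stripe=STRIPE):
    """Bytes of one file on each disk (assumption: the file starts on disk 0)."""
    per_disk = [0] * n_disks
    for unit, offset in enumerate(range(0, file_size, stripe)):
        per_disk[unit % n_disks] += min(stripe, file_size - offset)
    return per_disk


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Stripe data over n_disks with one parity unit per row.

    Returns a list of disks, each a list of stripe units (bytes)."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        units = [padded[start + i * stripe:start + (i + 1) * stripe]
                 for i in range(n_disks - 1)]
        data_units = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(xor_blocks(units) if is_parity else next(data_units))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate every unit of the failed disk by XOR-ing the survivors in each row."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity unit in each row."""
    n, out = len(disks), bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Write a file, lose one drive, rebuild it, and confirm the data is intact."""
    payload = bytes(range(256)) * 400          # constructed 100 KiB "file"
    disks = raid5_write(payload, n_disks=4)
    lost = 1
    original = disks[lost]
    disks[lost] = None                         # simulate a single drive failure
    disks[lost] = raid5_rebuild(disks, lost)
    return disks[lost] == original and raid5_read(disks, len(payload)) == payload


if __name__ == "__main__":
    print("RAID-0, 100 KiB file on 4 disks:", raid0_bytes_per_disk(100 * 1024, 4))
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
    print("single-disk rebuild ok:", demo())
```

The same XOR that produces the parity unit also regenerates any one missing unit in a row, which is why a single dedicated or distributed parity drive tolerates exactly one drive failure.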
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc.
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
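Parity as "redundancy information calculated from the actual data values", block level striping with distributed parity (RAID-5), and the array capacity figures from the RAID level slides, worked through in an added Python example that is not part of the original slides. The function names, the parity rotation order and the sample data are assumptions made for the illustration.

```python
"""RAID parity, RAID-5 striping with distributed parity, and array capacity."""
from functools import reduce

# Minimum disk counts as stated on the RAID level slides (RAID-2/7 left out).
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def xor_parity(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left per row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Stripe data in blocks of `stripe` bytes: each row holds n_disks-1 data
    blocks plus one parity block. Returns one list of blocks per disk."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = stripe * (n_disks - 1)
    rows = -(-len(data) // row_bytes)            # ceiling division
    data = data.ljust(rows * row_bytes, b"\0")   # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row in range(rows):
        base = row * row_bytes
        chunks = [data[base + i * stripe: base + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        pending = iter(chunks)
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_parity(chunks) if d == p else next(pending))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recreate every block of one failed disk. The XOR of all blocks in a row
    is zero, so the missing block equals the XOR of the surviving blocks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_parity(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive times the number of
    drives that hold data rather than a mirror copy or parity."""
    if level not in MIN_DISKS:
        raise ValueError("level not covered by this example")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for this RAID level")
    if level == 0:
        return smallest * n                      # striping only, no redundancy
    if level == 1:
        return smallest                          # mirror pair, 50% efficiency
    parity_disks = 2 if level == 6 else 1        # RAID-6 uses dual parity
    return smallest * (n - parity_disks)


if __name__ == "__main__":
    sample = b"constructed ledger record; " * 10  # constructed sample data
    array = raid5_write(sample, n_disks=4, stripe=16)
    array[1] = None                               # simulate one disk failure
    array[1] = raid5_rebuild(array, failed=1)
    print("recovered intact:", raid5_read(array, len(sample)) == sample)
    print("RAID-5 capacity:", usable_capacity(5, [500, 500, 750, 500]))
    print("RAID-6 capacity:", usable_capacity(6, [500, 500, 500, 500]))
```

A second failed disk in the same RAID-5 array leaves two unknown blocks per row and a single parity equation, so the rebuild above no longer applies; that is the limit behind the "Fault tolerance good" rating for RAID-5 and "very good" for RAID-6.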
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 2
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
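The parity technique and the array-capacity rules from the RAID slides above, as an added Python example that is not part of the original slides: it stripes a buffer RAID-5 style, rebuilds a failed drive from the survivors, and computes usable capacity for levels 0, 1, 3, 4 and 5. Function names, the parity rotation order, the zero padding and the handling of unequal drive sizes in RAID-0/1 are assumptions made for the illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Drive holding the parity block of a stripe (rotation order is assumed)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, chunk):
    """Block-level striping with distributed parity.

    Returns one list of blocks per drive; every stripe carries n_drives - 1
    data blocks and one parity block.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * chunk
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        blocks = [padded[start + i * chunk:start + (i + 1) * chunk]
                  for i in range(n_drives - 1)]
        data_blocks = iter(blocks)
        parity_at = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(
                xor_blocks(blocks) if d == parity_at else next(data_blocks))
    return drives


def raid5_rebuild(drives, failed):
    """Recreate every block of one failed drive by XOR-ing the survivors.

    Works for data and parity blocks alike, because the XOR of all blocks in
    a stripe is zero. A second simultaneous failure cannot be recovered.
    """
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe in range(len(drives[0])):
        parity_at = parity_drive_for(stripe, len(drives))
        for d, blocks in enumerate(drives):
            if d != parity_at:
                out += blocks[stripe]
    return bytes(out[:length])


def usable_capacity(level, sizes):
    """Usable capacity for the drive counts and formulas given on the slides."""
    n, smallest = len(sizes), min(sizes)
    if level == 0 and n >= 2:
        return smallest * n          # 100% efficiency when drives are identical
    if level == 1 and n == 2:
        return smallest              # 50% efficiency when drives are identical
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)    # size of smallest drive * (no. of drives - 1)
    raise ValueError("unsupported level or drive count")


if __name__ == "__main__":
    sample = bytes(range(40))        # constructed sample data
    array = raid5_write(sample, n_drives=4, chunk=8)
    lost = 2                         # simulate failure of drive 2
    rebuilt = raid5_rebuild(array, lost)
    print("drive rebuilt correctly:", rebuilt == array[lost])
    print("data intact:", raid5_read(array, len(sample)) == sample)
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

Because the parity block is the XOR of the data blocks in its stripe, any single missing block equals the XOR of the remaining ones, which is why the array tolerates one failed drive and why one drive's worth of capacity is given up.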
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
its high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 3
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High | Moderate | Very High | Low | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
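The parity and array-capacity rules from the RAID slides above, worked through as an added Python example (not part of the original deck): data is striped in 16 kiB units with one XOR parity block per row, as in RAID 5, and any single failed disk is rebuilt from the survivors. The function names, the parity rotation order and the RAID-0/RAID-1 capacity rules for unequal drives are assumptions made for this illustration.

```python
"""RAID 5 style striping with XOR parity (added illustration, not from the deck)."""
from functools import reduce

STRIPE = 16 * 1024  # 16 kiB stripe unit, the size used in the slide illustrations

# Minimum drive counts as listed on the RAID-level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive x (no. of drives - parity drives)."""
    n = len(drive_sizes)
    if level not in MIN_DRIVES:
        raise ValueError(f"RAID-{level} is not covered by this example")
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    smallest = min(drive_sizes)
    if level == 0:          # striping only: nothing is spent on redundancy
        return smallest * n
    if level == 1:          # mirroring: the second drive holds a full copy
        return smallest
    parity_drives = 2 if level == 6 else 1
    return smallest * (n - parity_drives)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Rotate the parity block across the disks (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Stripe data over n_disks; each row carries one parity block."""
    if n_disks < MIN_DRIVES[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)   # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity, remaining = xor_blocks(chunks), iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk(row, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Return the stored data; a disk passed as None is failed and gets rebuilt."""
    n = len(disks)
    failed = [d for d, blocks in enumerate(disks) if blocks is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover from two failed disks")
    rows = len(next(blocks for blocks in disks if blocks is not None))
    out = bytearray()
    for row in range(rows):
        blocks = [None if disks[d] is None else disks[d][row] for d in range(n)]
        if failed:
            # XOR of every surviving block (data and parity) yields the missing one.
            blocks[failed[0]] = xor_blocks([b for b in blocks if b is not None])
        p = parity_disk(row, n)
        out += b"".join(b for d, b in enumerate(blocks) if d != p)
    return bytes(out[:length])


if __name__ == "__main__":
    sample = bytes(i % 251 for i in range(100 * 1024))  # constructed 100 kiB "file"
    array = raid5_write(sample, 4)
    degraded = [None if d == 1 else blocks for d, blocks in enumerate(array)]
    print("rebuilt after losing disk 1:", raid5_read(degraded, len(sample)) == sample)
    print("RAID 5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

Losing a second disk raises an error instead of returning data, which is the limit of single parity that RAID-6's dual parity addresses.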
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.  Change Comment  Date of Change  Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
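Added example, not part of the original slides: a small Python model of the parity and RAID-5 slides above, showing block-level striping with distributed XOR parity and the rebuild of one failed disk. The function names, the 4-byte stripe unit, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Added example: RAID-5 style block striping with rotating XOR parity."""
from functools import reduce

# Assumption for readability: 4-byte blocks (the slides' illustrations use 16 KiB).
STRIPE_UNIT = 4
# Constructed sample data, not taken from the slides.
SAMPLE = b"ledger: constructed sample record 0001"


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Disk index holding parity for a stripe (rotation order is an illustrative choice)."""
    return (n_disks - 1 - stripe_no) % n_disks


def usable_capacity(drive_sizes):
    """Array capacity as stated on the slide: smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def write_array(data, n_disks):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity = xor_blocks(blocks)
        p = parity_disk(stripe_no, n_disks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the survivors.

    Works whether the lost block held data or parity, because the XOR of
    all blocks in a stripe (data plus parity) is always zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk(stripe_no, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def recover(disks, length):
    """Read the data back, tolerating exactly one failed disk (marked as None)."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 cannot survive %d failed disks" % len(failed))
    if failed:
        disks = list(disks)
        disks[failed[0]] = rebuild_disk(disks, failed[0])
    return read_array(disks, length)


if __name__ == "__main__":
    array = write_array(SAMPLE, 4)
    for stripe_no, row in enumerate(zip(*array)):
        print("stripe", stripe_no, "parity on disk", parity_disk(stripe_no, 4), row)
    array[2] = None  # simulate a single disk failure
    print(recover(array, len(SAMPLE)))
```

With two disks marked as failed, `recover` raises instead of returning data, which is the single-failure limit that RAID-6's dual parity is meant to lift.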
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Column A: Asset Cost
Column B: Likelihood of Threat Occurrence
Column C: Vulnerability
Column D: Measure of Risk (A+B+C)
Column E: Risk Ranking
Scores: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.     Change Comment     Date of Change     Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
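The parity, striping and capacity points from the RAID slides above, worked through in Python. This is an added example, not part of the original deck: it stripes data in 16 KiB units with XOR parity rotated across the disks (RAID-5 style), rebuilds a failed disk from the survivors, and applies the capacity rules listed on the slides. All function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Block striping with rotating XOR parity (RAID-5 style) and slide capacity rules."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slides' illustrations


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * unit
    data = data + bytes(-len(data) % row_bytes)  # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recover every block of one failed disk by XOR-ing the surviving disks.
    Works whether the lost block held data or parity."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


# (minimum disks, usable capacity) per level, following the slides:
# RAID-0 100%, RAID-1 50%, RAID-3/4/5 smallest*(n-1), RAID-6 smallest*(n-2).
CAPACITY_RULES = {
    "0": (2, lambda n, s: n * s),
    "1": (2, lambda n, s: s),
    "3": (3, lambda n, s: (n - 1) * s),
    "4": (3, lambda n, s: (n - 1) * s),
    "5": (3, lambda n, s: (n - 1) * s),
    "6": (4, lambda n, s: (n - 2) * s),
}


def usable_capacity(level, n_disks, smallest_drive):
    """Usable array capacity, in the same unit as smallest_drive."""
    minimum, formula = CAPACITY_RULES[level]
    if n_disks < minimum or (level == "1" and n_disks != 2):
        raise ValueError(f"RAID-{level} does not support {n_disks} disks")
    return formula(n_disks, smallest_drive)


def sample_data(size=124 * 1024):
    """Constructed sample: 124 KiB (4 + 20 + 100 KiB) of patterned bytes."""
    return bytes((i * 31 + 7) % 256 for i in range(size))


if __name__ == "__main__":
    data = sample_data()
    disks = raid5_write(data, n_disks=4)
    lost = 1                      # simulate losing one whole disk
    disks[lost] = rebuild_disk(disks, lost)
    print("data intact after rebuild:", raid5_read(disks, len(data)) == data)
    for level in ("0", "5", "6"):
        print(f"RAID-{level}, 4 x 500 GB:", usable_capacity(level, 4, 500), "GB")
```

A second simultaneous disk failure leaves too little information for the XOR rebuild, which is why the slides give RAID-6 a second parity block at the cost of one more drive of capacity.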
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
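The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks across the disks with one XOR parity block per stripe, one disk is lost, and its contents are recomputed from the survivors. The function names, the direction in which parity rotates and the sample data are assumptions made for the illustration; the capacity helper applies the deck's own figures for RAID-0, 1, 3, 4, 5 and 6.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity operation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves by one disk per stripe
    (the rotation direction is an assumption; real arrays vary)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe `data` over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        pending = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(pending))
    return disks


def raid5_rebuild(disks):
    """Recompute a failed disk (marked None) from the surviving disks.
    Within a stripe the XOR of all blocks is zero, so the missing block,
    data or parity, equals the XOR of the blocks that are left."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover two failed disks")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    rebuilt = list(disks)
    rebuilt[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return rebuilt


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity using the figures given on the RAID LEVELS slides."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("level not covered by this example")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    if level == 0:
        return smallest * n          # no redundancy
    if level == 1:
        return smallest              # mirror: 50% of two identical drives
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def demo():
    """Lose disk 2 of a four-disk array and recover it (constructed data)."""
    ledger = b"constructed sample ledger record; " * 7
    disks = raid5_write(ledger, n_disks=4, block_size=16)
    original = disks[2]
    disks[2] = None                  # simulated drive failure
    repaired = raid5_rebuild(disks)
    return repaired[2] == original and raid5_read(repaired, len(ledger)) == ledger


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("RAID-5 on 500/500/400/500 GB drives:",
          usable_capacity(5, [500, 500, 400, 500]), "GB usable")
```

Marking a second disk as `None` before calling `raid5_rebuild` raises an error, which is the limit behind the deck's "Fault tolerance good" rating for RAID-5 and the reason RAID-6 carries a second parity block.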
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele. Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 7
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical: Data, Information, Software, Documentation
Physical: People, Hardware, Facilities, Documentation, Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
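The parity technique and the RAID-5 layout from the slides above, as an added Python example that is not part of the original deck: it stripes data with distributed XOR parity, rebuilds one failed disk from the survivors, and applies the array capacity formula given for RAID-3/4/5 and RAID-6. The 4-byte block size, the parity rotation order, the function names and the sample payload are assumptions chosen for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity (added example)."""
from functools import reduce

BLOCK = 4  # bytes per block: a constructed toy size (the slides use a 16 kiB stripe)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives), as on the slides."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(stripe_no, n_disks):
    """Disk holding parity for a stripe; the rotation order is an assumption."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks):
    """Split data into stripes and place one rotating parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = BLOCK * (n_disks - 1)
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")   # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        blocks.insert(parity_position(s, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def rebuild(disks):
    """Recreate a failed disk (marked None) by XORing the surviving disks."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise RuntimeError("single parity tolerates only one failed disk")
    repaired = list(disks)
    if failed:
        survivors = [disk for disk in disks if disk is not None]
        # Data XOR parity is zero per stripe, so the missing block is the
        # XOR of every block that survived in that stripe.
        repaired[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return repaired


def read_raid5(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for s, stripe in enumerate(zip(*disks)):
        skip = parity_position(s, n_disks)
        out += b"".join(b for i, b in enumerate(stripe) if i != skip)
    return bytes(out[:length])


def demo():
    """Write a constructed payload to 4 disks, lose disk 2, rebuild, read back."""
    payload = b"ledger: constructed sample data"  # constructed sample input
    disks = write_raid5(payload, 4)
    disks[2] = None                               # simulate one drive failure
    return read_raid5(rebuild(disks), len(payload))


if __name__ == "__main__":
    print(demo())
    print("usable GB, 4 x 500 GB RAID-5:", array_capacity([500] * 4))
    print("usable GB, 4 x 500 GB RAID-6:", array_capacity([500] * 4, parity_drives=2))
```

Marking a second disk as None makes rebuild() raise, which is the limit that dual distributed parity in RAID-6 addresses at the cost of one more drive of capacity.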
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Number of hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 8
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: Very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
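The array-capacity formula and the parity-based fault tolerance listed for RAID-3 through RAID-6 above, worked through in code. This is an added example, not part of the original slides: it lays data out RAID-5 style on four disks with a 16 kiB block, fails one disk and rebuilds it by XOR. The parity rotation order, function names and the payload are assumptions constructed for illustration.

```python
"""Added example: RAID capacity formula and single-parity (XOR) rebuild."""
from functools import reduce
from operator import xor

# Parity drives and minimum disks per level, as listed on the slides.
PARITY_DRIVES = {"RAID-3": 1, "RAID-4": 1, "RAID-5": 1, "RAID-6": 2}
MIN_DISKS = {"RAID-3": 3, "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}


def array_capacity(level, drive_sizes):
    """Size of smallest drive * (no. of drives - no. of parity drives)."""
    if len(drive_sizes) < MIN_DISKS[level]:
        raise ValueError(f"{level} needs at least {MIN_DISKS[level]} disks")
    return min(drive_sizes) * (len(drive_sizes) - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe (rotation order is assumed)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks with distributed parity; returns one block list per disk."""
    per_stripe = (n_disks - 1) * block_size
    data = data + bytes(-len(data) % per_stripe)      # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_disks - 1)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe]
    return bytes(out[:length])


def rebuild(disks):
    """Recompute the one failed disk (marked None) as the XOR of the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        # Single parity tolerates one failure; RAID-6 adds a second parity for this case.
        raise ValueError(f"single parity cannot recover {len(failed)} failed disks")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


if __name__ == "__main__":
    KIB = 1024
    payload = bytes(range(256)) * 400                 # constructed 100 kiB "file"
    disks = raid5_write(payload, n_disks=4, block_size=16 * KIB)
    degraded = [None if i == 1 else d for i, d in enumerate(disks)]
    restored = rebuild(degraded)
    print("rebuilt correctly:", raid5_read(restored, len(payload)) == payload)
    print("RAID-5 capacity:", array_capacity("RAID-5", [500, 500, 400, 500]))
    print("RAID-6 capacity:", array_capacity("RAID-6", [500, 500, 500, 500]))
```
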
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be based on
their criticality
How long can I continue without my
asset?
What is the loss to the business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats,
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
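The PARITY and RAID-5 slides above describe redundancy information calculated from the data, block-level striping with distributed parity, and an array capacity of smallest drive * (no. of drives - 1). The Python model below is an added example, not part of the original slides: it uses XOR parity with a rotating parity position, shows a single failed disk being rebuilt, and shows that a second failure is unrecoverable. Function names, block size and the sample record are assumptions made for illustration.

```python
"""RAID-5 style block striping with rotating XOR parity (illustrative model).

Disks are modelled as lists of equal-sized blocks; names and sizes are
assumptions for this example, not taken from any RAID controller.
"""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block so that no single disk holds all parity."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_read(disks, length):
    """Concatenate the data blocks of every stripe, skipping the parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute each block of the failed disk as the XOR of the survivors."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks([blocks[s] for blocks in survivors])
            for s in range(len(survivors[0]))]


def recover(disks, length):
    """Read the array when failed disks are marked as None."""
    failed = [i for i, blocks in enumerate(disks) if blocks is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates one failed disk; restore from backup")
    if failed:
        disks = list(disks)
        disks[failed[0]] = rebuild_disk(disks, failed[0])
    return raid5_read(disks, length)


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    record = b"inventory-db: constructed sample record"  # constructed sample data
    array = raid5_write(record, n_disks=4, block_size=4)
    damaged = list(array)
    damaged[2] = None  # simulate the loss of one disk
    print("one disk lost :", recover(damaged, len(record)) == record)
    damaged[0] = None  # a second loss exceeds the fault tolerance
    try:
        recover(damaged, len(record))
    except RuntimeError as exc:
        print("two disks lost:", exc)
    print("usable GB, 4 x 500 GB:", usable_capacity([500, 500, 500, 500]))
```

A rebuilt array proves only that the disks agree with each other, so the backup and off-site storage controls elsewhere in the deck still apply to a RAID-protected server.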
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values as extracted: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E) values: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
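Added example (not part of the original slides): a small Python model of the parity technique described above, covering block-level striping with dedicated parity (RAID-3/4 style) and distributed parity (RAID-5), rebuilding one lost drive from the survivors, and the slides' array capacity formula. The function names, the 16-byte stripe unit, the rotation order of the parity block and the sample data are all assumptions made for the illustration.

```python
from functools import reduce

STRIPE = 16  # bytes per stripe unit (assumption; the slide illustrations use 16 KiB)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(row, n_drives, distributed):
    """Dedicated parity stays on the last drive; distributed parity moves
    one drive per stripe row (this rotation order is an assumption)."""
    return n_drives - 1 - (row % n_drives) if distributed else n_drives - 1


def write_array(data, n_drives, distributed=True, stripe=STRIPE):
    """Stripe data across the drives, adding one parity block per row."""
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    row_bytes = (n_drives - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        p = parity_drive(row, n_drives, distributed)
        data_blocks = iter(chunks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return drives


def rebuild(drives):
    """Recompute a single lost drive (marked None) from the surviving drives.

    XOR of all blocks in a row is zero, so the missing block, whether data
    or parity, equals the XOR of the blocks that are still readable.
    """
    lost = [i for i, d in enumerate(drives) if d is None]
    if len(lost) > 1:
        raise ValueError("single parity cannot recover more than one lost drive")
    if not lost:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    repaired = list(drives)
    repaired[lost[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def read_array(drives, length, distributed=True):
    """Concatenate the data blocks row by row, skipping each row's parity."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive(row, n, distributed)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - 1).
    parity_drives=2 gives the (drives - 2) figure quoted for RAID-6; the
    second RAID-6 parity calculation itself is not modelled here."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Lose each drive of a four-disk array in turn, rebuild it, compare."""
    sample = bytes(range(256)) * 2  # constructed sample data, 512 bytes
    results = {}
    for distributed in (False, True):
        drives = write_array(sample, 4, distributed)
        for lost in range(4):
            damaged = [None if i == lost else d for i, d in enumerate(drives)]
            recovered = read_array(rebuild(damaged), len(sample), distributed)
            results[(distributed, lost)] = recovered == sample
    return results


if __name__ == "__main__":
    for (distributed, lost), ok in demo().items():
        kind = "distributed" if distributed else "dedicated"
        print(f"{kind} parity, drive {lost} lost: recovered={ok}")
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Losing two drives at once raises an error in rebuild(), which is the limit of single-parity fault tolerance.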
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its
high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
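The parity and array-capacity rules from the RAID slides above, worked through as an added Python example (not part of the original deck): it stripes data across disks with distributed parity, loses one drive, and rebuilds it from the survivors. The names `array_capacity`, `Raid5` and `demo`, the rotating parity placement, and the sample payload are assumptions made for illustration.

```python
from functools import reduce

# Minimum disk counts and redundancy overhead as listed on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
LOST_TO_REDUNDANCY = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}


def array_capacity(level, drive_sizes):
    """Usable capacity: size of smallest drive * (no. of drives - redundancy)."""
    n = len(drive_sizes)
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 1:                       # mirroring: 50% storage efficiency
        return min(drive_sizes)
    # Assumption: with unequal drives, only the smallest drive's size is used.
    return min(drive_sizes) * (n - LOST_TO_REDUNDANCY[level])


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


class Raid5:
    """Block-level striping with distributed (rotating) parity."""

    def __init__(self, n_disks, block_size=4):
        if n_disks < MIN_DISKS[5]:
            raise ValueError("RAID-5 needs at least 3 disks")
        self.n, self.bs = n_disks, block_size
        self.disks = [[] for _ in range(n_disks)]   # each disk is a list of blocks
        self.length = 0

    def write(self, data):
        self.length = len(data)
        per_stripe = self.bs * (self.n - 1)          # data bytes held by one stripe
        data = data.ljust(-(-len(data) // per_stripe) * per_stripe, b"\0")
        for s in range(len(data) // per_stripe):
            chunk = data[s * per_stripe:(s + 1) * per_stripe]
            blocks = [chunk[i:i + self.bs] for i in range(0, per_stripe, self.bs)]
            parity_disk = (self.n - 1 - s) % self.n  # parity moves one disk per stripe
            blocks.insert(parity_disk, xor_blocks(blocks))
            for disk, block in zip(self.disks, blocks):
                disk.append(block)

    def fail(self, i):
        self.disks[i] = None                         # simulate a dead drive

    def rebuild(self, i):
        survivors = [d for j, d in enumerate(self.disks) if j != i]
        if any(d is None for d in survivors):
            raise RuntimeError("two drives lost: single parity cannot recover")
        # XOR of the surviving blocks of a stripe equals the missing block,
        # whether that block held data or parity.
        self.disks[i] = [xor_blocks(stripe) for stripe in zip(*survivors)]

    def read(self):
        out = bytearray()
        for s, stripe in enumerate(zip(*self.disks)):
            parity_disk = (self.n - 1 - s) % self.n
            out += b"".join(b for j, b in enumerate(stripe) if j != parity_disk)
        return bytes(out[:self.length])


def demo():
    """Returns (data intact after one failure, recoverable after two failures)."""
    payload = b"constructed sample: inventory ledger rows 0001-0042"
    array = Raid5(4)
    array.write(payload)
    array.fail(2)
    array.rebuild(2)
    intact = array.read() == payload
    array.fail(0)
    array.fail(3)
    try:
        array.rebuild(0)
        recoverable = True
    except RuntimeError:
        recoverable = False
    return intact, recoverable


if __name__ == "__main__":
    print(array_capacity(5, [500, 500, 500, 500]), demo())
```

The second failure is the case RAID-6 addresses with its dual distributed parity, at the cost of one more drive's worth of capacity.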
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database to
multiple server sites
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
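The PARITY and RAID-5 slides above, worked through in code. This is an added example, not part of the original slides: it stripes a constructed byte string over four simulated disks with rotating XOR parity, rebuilds one failed disk from the survivors, and applies the array capacity formulas given on the RAID level slides. Function names, the sample record and the 16-byte block size (standing in for a 16 kiB stripe) are assumptions made for the illustration.

```python
from functools import reduce

# Constructed sample data, not taken from the slides.
SAMPLE = b"constructed ledger record 0001; amount=1250.00; status=posted"


def xor_blocks(blocks):
    """Bytewise XOR of equal-length blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to another disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity over n_disks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    # Pad to whole stripes; raid5_read drops the padding again.
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_disks - 1)]
        data_blocks = iter(blocks)
        p = parity_disk_for(s, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity."""
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk_for(s, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[s]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute the failed disk (held as None) from the surviving disks.

    XOR of every block in a stripe is zero, so the missing block, data or
    parity, equals the XOR of the blocks that survived.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates one failed disk, not two")
    rebuilt = [xor_blocks([d[s] for d in survivors])
               for s in range(len(survivors[0]))]
    return [rebuilt if i == failed else d for i, d in enumerate(disks)]


def array_capacity(level, drive_sizes):
    """Usable capacity per the slides' formulas (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    if level == 0:
        # Slide states 100% efficiency for identical drives; smallest * n
        # for mixed sizes is an assumption of this example.
        return smallest * n
    if level == 1:
        return smallest                  # mirroring: 50% efficiency
    if level == 6:
        return smallest * (n - 2)        # dual distributed parity
    return smallest * (n - 1)            # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    disks = raid5_write(SAMPLE, n_disks=4, block_size=16)
    damaged = [None if i == 1 else d for i, d in enumerate(disks)]
    repaired = raid5_rebuild(damaged, failed=1)
    print(raid5_read(repaired, len(SAMPLE)) == SAMPLE)
    print(array_capacity(5, [500, 500, 500, 500]))
```

The rebuild reads every surviving disk in full, which is why a second failure during rebuild loses a single-parity array.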
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Cell values as extracted (row alignment lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
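The parity and RAID-5 slides above, as an added example that is not part of the original deck: a toy Python model of block-level striping with distributed parity, showing that XOR of the surviving blocks rebuilds one failed disk and that a second failure cannot be recovered. The 4-byte stripe unit, the sample data and all function names are assumptions made for illustration; the capacity function follows the formulas and minimum disk counts given on the RAID LEVELS slides.

```python
"""Toy RAID 5 model: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed toy value (the slides' figures use 16 kiB)


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Rotate the parity block so that no single disk holds all the parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Return one list of blocks per disk holding `data` plus parity."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    per_stripe = unit * (n_disks - 1)
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        # Parity is computed from the data blocks, then slotted in at its rotated position.
        blocks.insert(parity_disk(stripe, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def read_raid5(disks, length, unit=STRIPE_UNIT):
    """Reassemble the data; a failed disk is passed as None and rebuilt on the fly."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("RAID 5 cannot survive more than one failed disk")
    n_disks = len(disks)
    n_stripes = len(next(d for d in disks if d is not None))
    out = bytearray()
    for stripe in range(n_stripes):
        row = [d[stripe] if d is not None else None for d in disks]
        if failed:
            # The missing block is the XOR of every surviving block in the stripe,
            # whether the lost block was data or parity.
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        p = parity_disk(stripe, n_disks)
        out += b"".join(b for i, b in enumerate(row) if i != p)
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - redundancy)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID {level} does not support {n} disks")
    # RAID 0 loses nothing (assumes identical drives), RAID 1/3/4/5 lose one
    # drive's worth of space, RAID 6 loses two (dual parity).
    redundancy = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest * (n - redundancy)


if __name__ == "__main__":
    record = b"ledger: debit 100, credit 100"  # constructed sample data
    array = write_raid5(record, n_disks=4)
    for lost in range(4):
        degraded = list(array)
        degraded[lost] = None  # simulate one failed drive
        print(f"disk {lost} failed ->", read_raid5(degraded, len(record)))
    print("RAID 5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
    print("RAID 6, 4 x 500 GB usable:", usable_capacity(6, [500] * 4), "GB")
```

Fault tolerance here covers drive failure only: a deletion or corruption written to the array is striped and protected by parity like any other data, which is why the deck treats backups separately.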
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interviewing personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if the asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit
consequences of a malicious cyber incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to the individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
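The recovery priorities above should follow from the allowable outage times in the "Outage Impact & Allowable Outage Times" slide. The Python check below is an added example, not part of the original slides: it cross-checks the two tables for resources that appear in only one of them and for orderings where a shorter allowable outage got a lower priority. The function names and the rule of matching resources by name (ignoring a leading count) are assumptions.

```python
"""Cross-check BIA allowable outage times against recovery priorities."""
import re

# Values transcribed from the two slide tables.
ALLOWABLE_OUTAGE = {
    "Authentication Server": "8 hours", "Database Server": "8 hours",
    "E-mail Server": "2 days", "5 Desktop Computers": "8 hours",
    "Hub": "8 hours", "Network Cabling": "8 hours",
    "Electric Power": "8 hours", "Printer": "4 days",
}
RECOVERY_PRIORITY = {
    "Authentication Server": "High", "Database Server": "High",
    "5 Desktop Computers": "High", "1 Hub": "High",
    "E-mail Server": "Medium", "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low", "Remaining Hub (5)": "Low",
}
RANK = {"High": 0, "Medium": 1, "Low": 2}      # lower number = recovered earlier
UNIT_HOURS = {"hour": 1, "day": 24}


def to_hours(text):
    """Convert '8 hours' or '2 days' to a number of hours."""
    m = re.fullmatch(r"(\d+)\s*(hour|day)s?", text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(m.group(1)) * UNIT_HOURS[m.group(2)]


def norm(name):
    """Match 'Hub' with '1 Hub': drop a leading count, ignore case."""
    return re.sub(r"^\d+\s+", "", name).strip().lower()


def audit(outage, priority):
    """Return gaps and ordering inversions between the two tables."""
    out = {norm(n): (n, to_hours(t)) for n, t in outage.items()}
    pri = {norm(n): (n, RANK[p]) for n, p in priority.items()}
    both = sorted(out.keys() & pri.keys())
    return {
        # In the BIA but never given a recovery priority.
        "missing_priority": sorted(out[k][0] for k in out.keys() - pri.keys()),
        # Given a priority without a stated allowable outage time.
        "missing_outage": sorted(pri[k][0] for k in pri.keys() - out.keys()),
        # (a, b): a tolerates less downtime than b but is recovered later.
        "inversions": [(out[a][0], out[b][0]) for a in both for b in both
                       if out[a][1] < out[b][1] and pri[a][1] > pri[b][1]],
    }


if __name__ == "__main__":
    for finding, items in audit(ALLOWABLE_OUTAGE, RECOVERY_PRIORITY).items():
        print(f"{finding}: {items}")
```

Run against the slide data, the check reports Network Cabling and Electric Power as resources with an allowable outage time but no recovery priority, and finds no ordering inversions.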
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have a backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Information Technology Infrastructure Library
A collection of best practices in IT service management
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
SAS 70
Internationally recognized auditing standard for service organizations
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 KiB stripe size RAID 0 array. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 KiB stripe size. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 KiB stripe size. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB.
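As an added example (not part of the original slides), the sketch below works through the parity technique and the array capacity formula on the four-disk, 16 KiB stripe layout used in the illustrations, and goes slightly beyond the slides by rebuilding any single failed drive. The function names, the parity rotation order and the sample data are assumptions of this example.

```python
"""RAID-5 style block striping with distributed parity (added illustration)."""
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 formula, parity_drives=2 the RAID-6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(row, n_drives):
    """Drive holding parity for a stripe row. The rotation order is an
    assumption of this example; real controllers use several layouts."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, stripe=STRIPE):
    """Split data into stripe units and lay them out across n_drives,
    one parity unit per row. Returns one list of units per drive."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = n_drives - 1
    units = [data[i:i + stripe].ljust(stripe, b"\0")
             for i in range(0, len(data), stripe)]
    while len(units) % per_row:          # pad the last row with empty units
        units.append(bytes(stripe))
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(units), per_row)):
        row_units = iter(units[start:start + per_row])
        parity = xor_blocks(units[start:start + per_row])
        for d in range(n_drives):
            is_parity = d == parity_position(row, n_drives)
            drives[d].append(parity if is_parity else next(row_units))
    return drives


def rebuild_drive(drives, failed):
    """Recreate a failed drive: each missing unit is the XOR of the units
    in the same row on all surviving drives (data or parity alike)."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity unit of each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        for d in range(n):
            if d != parity_position(row, n):
                out += drives[d][row]
    return bytes(out[:length])


# Constructed sample: a 100 KiB "file" (the size of the green file in the
# illustrations) with a deterministic byte pattern.
SAMPLE = bytes((i * 31 + 7) % 256 for i in range(100 * 1024))

if __name__ == "__main__":
    drives = raid5_write(SAMPLE, n_drives=4)
    print("units per drive:", [len(d) for d in drives])
    lost = 2                                  # simulate one failed disk
    repaired = list(drives)
    repaired[lost] = rebuild_drive(drives, lost)
    print("rebuilt drive matches:", repaired[lost] == drives[lost])
    print("file intact:", raid5_read(repaired, len(SAMPLE)) == SAMPLE)
    print("usable GB on 4 x 500 GB:", array_capacity([500] * 4))
```

A second simultaneous drive failure leaves too little information for the XOR to recover, which is the gap the dual parity of RAID-6 is meant to close.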
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 KiB stripe size. The red file is 4 KiB in size; the blue is 20 KiB; the green is 100 KiB; and the magenta is 500 KiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization's information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization's business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
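The parity technique and the array-capacity formula from the RAID-3/4/5 slides, worked through as an added example that is not part of the original slides. It stripes a byte string over four simulated drives with distributed parity, fails each drive in turn and rebuilds it from the survivors; the 4-byte block size, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
from functools import reduce

BLOCK = 4  # assumed block size in bytes, kept tiny so stripes are easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(stripe, n_drives):
    """Distributed parity: the parity block moves to a different drive each stripe.
    The rotation order used here is an assumption; controllers differ."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives):
    """Stripe data in blocks across n_drives, adding one parity block per stripe."""
    if n_drives < 3:
        raise ValueError("striping with parity needs a minimum of 3 drives")
    per_stripe = BLOCK * (n_drives - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the final stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity_at = parity_drive_for(stripe, n_drives)
        data_blocks = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == parity_at else next(data_blocks))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of the failed drive from the survivors.
    Each stripe XORs to zero across all drives, so the missing block,
    data or parity, is the XOR of the blocks that remain."""
    survivors = [d for i, d in enumerate(drives) if i != failed and d is not None]
    if len(survivors) != len(drives) - 1:
        raise RuntimeError("single parity tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(drives, length):
    """Reassemble the original bytes, skipping the parity block in each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        skip = parity_drive_for(stripe, n)
        for d in range(n):
            if d != skip:
                out += drives[d][stripe]
    return bytes(out[:length])


def survives_single_failure(data, n_drives):
    """Fail each drive in turn, rebuild it, and check the data reads back intact."""
    healthy = write_array(data, n_drives)
    for failed in range(n_drives):
        damaged = [None if i == failed else list(blocks) for i, blocks in enumerate(healthy)]
        damaged[failed] = rebuild_drive(damaged, failed)
        if damaged != healthy or read_array(damaged, len(data)) != data:
            return False
    return True


SAMPLE = b"constructed sample: inventory ledger, batch 42"  # constructed input

if __name__ == "__main__":
    print(array_capacity([500, 500, 500, 400]))  # drive sizes in GB
    print(survives_single_failure(SAMPLE, 4))
```

A second simultaneous drive failure makes `rebuild_drive` raise, which is the gap the dual distributed parity of RAID-6 is meant to close.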
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Table columns:
A: Asset Cost
B: Likelihood of Threat Occurrence
C: Vulnerability
D: Measure of Risk (A+B+C)
E: Risk Ranking
Cell values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives,
with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity information
(shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications
& other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
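The parity and distributed-parity slides above, worked through as an added example (not part of the original deck): an in-memory model of block-level striping with rotating XOR parity, a rebuild after one disk is lost, and the array-capacity formula quoted for RAID-5 and RAID-6. The block size, function names and sample record are assumptions made for the illustration.

```python
"""Block-level striping with distributed XOR parity, modelled in memory.

Added illustration; block size, names and sample data are constructed.
"""
from functools import reduce

BLOCK = 4  # bytes per block (assumption: tiny so the layout is easy to inspect)


def xor_blocks(blocks):
    """Parity block = byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches the RAID-3/4/5 formula, parity_drives=2 RAID-6.
    """
    if len(drive_sizes) <= parity_drives + 1:
        raise ValueError("not enough drives for this parity level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe, n_disks):
    """Disk that holds parity for a stripe; it rotates from stripe to stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks and return a list of disks (lists of blocks)."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    stripes = -(-len(data) // per_stripe)          # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, len(chunk), BLOCK)]
        parity = xor_blocks(blocks)
        pending = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk(s, n_disks)
            disks[d].append(parity if is_parity else next(pending))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    Data blocks and parity of a stripe XOR to zero, so the missing block
    (data or parity) is the XOR of the remaining ones.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover more than one failed disk")
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Lose one disk of a four-disk array, rebuild it, verify the data."""
    record = b"INV-0042;qty=17;loc=A3"  # constructed sample record
    disks = write_array(record, 4)
    original = disks[2]
    disks[2] = None                     # simulate the failed drive
    disks[2] = rebuild_disk(disks, 2)
    return disks[2] == original and read_array(disks, len(record)) == record


if __name__ == "__main__":
    print("rebuilt and verified:", demo())
    print("4 x 500 GB, single parity:", array_capacity([500] * 4), "GB")
    print("4 x 500 GB, dual parity:  ", array_capacity([500] * 4, 2), "GB")
```

Marking a second disk as failed makes `rebuild_disk` raise, which is the limit of single parity; surviving two simultaneous failures takes the second parity block that RAID-6 adds.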
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 17
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
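The parity and capacity rules on the RAID slides above, worked through as an added example (not part of the original slides). It stripes a constructed record across four drives with rotating XOR parity, rebuilds one failed drive from the survivors, and applies the slides' array-capacity rules. The function names, the 4-byte chunk size, the parity rotation order, and the use of the smallest drive for RAID-0/RAID-1 with non-identical drives are assumptions made for illustration.

```python
"""Added illustration: XOR parity striping and the slides' capacity rules."""
from functools import reduce

CHUNK = 4  # bytes per stripe unit; tiny so the layout is easy to inspect (assumption)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def stripe_with_parity(data, n_drives):
    """Lay data out with block-level striping and distributed parity.

    Each stripe holds n-1 data chunks and one parity chunk. The rotation
    order of the parity chunk is an assumption; real controllers use
    several layouts. Returns one list of chunks per drive.
    """
    if n_drives < 3:
        raise ValueError("the slides give a minimum of 3 hard disks for parity RAID")
    per_stripe = CHUNK * (n_drives - 1)
    padded_len = -(-len(data) // per_stripe) * per_stripe  # round up to full stripes
    data = data.ljust(padded_len, b"\0")
    drives = [[] for _ in range(n_drives)]
    for s in range(padded_len // per_stripe):
        stripe = data[s * per_stripe:(s + 1) * per_stripe]
        chunks = [stripe[i:i + CHUNK] for i in range(0, per_stripe, CHUNK)]
        parity_drive = (n_drives - 1 - s) % n_drives
        chunks.insert(parity_drive, xor_blocks(chunks))
        for d in range(n_drives):
            drives[d].append(chunks[d])
    return drives


def rebuild_drive(drives, failed):
    """Recompute every chunk of one failed drive from the surviving drives.

    Data and parity chunks are rebuilt the same way, because the XOR of all
    chunks in a stripe (data plus parity) is zero.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed and d is not None]
    if len(survivors) != len(drives) - 1:
        raise RuntimeError("single parity tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_back(drives, n_bytes):
    """Reassemble the byte stream, skipping the parity chunk of each stripe."""
    n = len(drives)
    out = b""
    for s in range(len(drives[0])):
        parity_drive = (n - 1 - s) % n
        out += b"".join(drives[d][s] for d in range(n) if d != parity_drive)
    return out[:n_bytes]


# RAID level -> (minimum drives, drives' worth of capacity used for redundancy),
# taken from the "Minimum ... hard disks" and "Array Capacity" lines on the slides.
RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 hard disks")
        return smallest  # 50% efficiency when the drives are identical
    if level not in RULES:
        raise ValueError("no capacity rule on the slides for this level")
    min_drives, overhead = RULES[level]
    if n < min_drives:
        raise ValueError(f"RAID-{level} needs at least {min_drives} hard disks")
    return smallest * (n - overhead)


def demo():
    """Fail drive 2 of a four-drive array and check the rebuild is exact."""
    record = b"LEDGER 2024-Q1 constructed sample record"  # constructed sample data
    drives = stripe_with_parity(record, 4)
    lost = drives[2]
    drives[2] = None                       # simulate the failed disk
    drives[2] = rebuild_drive(drives, 2)   # recompute it from the other three
    return drives[2] == lost and read_back(drives, len(record)) == record


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, drives 500/500/500/400:", usable_capacity(5, [500, 500, 500, 400]))
```

With mixed drive sizes the smallest drive sets the capacity, which is why the 400-unit drive in the last line drags the whole RAID-5 array down to 1200 units.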
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource               Outage Impact                               Allowable Outage Time
Authentication Server  User could not access Inventory System      8 hours
Database Server        User could not access Inventory System      8 hours
E-mail Server          User could not send e-mail                  2 days
5 Desktop Computers    User could not access Inventory System      8 hours
Hub                    User could not access Inventory System      8 hours
Network Cabling        User could not access Inventory System      8 hours
Electric Power         User could not access Inventory System      8 hours
Printer                User could not produce Inventory Reports    4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
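An added worked example (not part of the original slides) of the parity technique and the RAID-5 layout described above: data is striped in 16 kiB blocks across four disks, parity is the XOR of each row's data blocks, and a lost disk is recomputed from the survivors. The parity rotation order, the function names and the sample data are assumptions made for this sketch; XOR is the standard RAID-5 parity function, though the slides do not name it.

```python
"""RAID 5 sketch: block-level striping with distributed (rotating) XOR parity."""

STRIPE = 16 * 1024  # 16 kiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """Parity of equal-length blocks: the byte-wise XOR of all of them."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(row, n_disks):
    """Disk that holds parity for a stripe row (assumed rotation: last disk first)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Lay data out as stripe rows; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    n_data = n_disks - 1                      # one block per row is parity
    row_bytes = n_data * stripe
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(data), row_bytes)):
        # The last row is zero-padded so every block has the same length.
        chunk = data[offset:offset + row_bytes].ljust(row_bytes, b"\0")
        units = [chunk[i * stripe:(i + 1) * stripe] for i in range(n_data)]
        remaining = iter(units)
        p = parity_disk(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(units) if d == p else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    Works for data and parity blocks alike: XOR of all other blocks in the
    row yields the missing one.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID 3/4/5 figure, parity_drives=2 the RAID 6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


# Constructed sample input: a 100 kiB "file" (the green file in the slides).
SAMPLE = bytes((i * 7 + 3) % 256 for i in range(100 * 1024))

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4)
    print("stripe rows:", len(array[0]))
    array[1] = None                           # simulate losing disk 1
    array[1] = raid5_rebuild(array, failed=1)
    print("data intact after rebuild:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A second simultaneous disk failure cannot be rebuilt this way, which is why the array is no substitute for the backups covered earlier in the deck.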
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Measure of Risk (D) = Asset Cost (A) + Likelihood of Threat Occurrence (B) + Vulnerability (C)
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
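An added example, not part of the original slides: it takes the allowable outage times from the Outage Impact & Allowable Outage Times table, orders the restores by them, and flags any resource that would come back later than its allowable outage. The restore durations, the dependencies between resources, the High/Medium/Low bands and the number of recovery teams are assumptions constructed for illustration.

```python
"""Added example: check a recovery sequence against BIA allowable outage times."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: float   # taken from the BIA table on the page
    restore_h: float            # constructed estimate, not from the page
    depends_on: tuple = ()      # constructed dependencies, not from the page


# Allowable outage times are the page's; everything else is constructed sample data.
BIA = [
    Resource("Electric Power", 8, 1),
    Resource("Network Cabling", 8, 2),
    Resource("Hub", 8, 0.5, ("Electric Power", "Network Cabling")),
    Resource("Authentication Server", 8, 2, ("Electric Power", "Hub")),
    Resource("Database Server", 8, 3, ("Electric Power", "Hub")),
    Resource("5 Desktop Computers", 8, 1, ("Hub", "Authentication Server")),
    Resource("E-mail Server", 48, 4, ("Hub", "Authentication Server")),
    Resource("Printer", 96, 1, ("Hub",)),
]


def priority(allowable_outage_h):
    """Assumed banding that reproduces the High and Medium rows of the page's table."""
    if allowable_outage_h <= 8:
        return "High"
    if allowable_outage_h <= 96:
        return "Medium"
    return "Low"


def schedule(resources, teams=1):
    """List-schedule the restores: tightest allowable outage first, dependencies respected.

    Returns {name: (start_h, finish_h)}, in hours from the start of the outage.
    """
    by_name = {r.name: r for r in resources}
    for r in resources:
        missing = [d for d in r.depends_on if d not in by_name]
        if missing:
            raise ValueError(f"{r.name} depends on unknown resource(s): {missing}")
    order = {r.name: i for i, r in enumerate(resources)}
    free_at = [0.0] * teams          # when each recovery team is next available
    done = {}
    while len(done) < len(resources):
        ready = [r for r in resources
                 if r.name not in done and all(d in done for d in r.depends_on)]
        if not ready:
            raise ValueError("circular dependency in the resource list")
        nxt = min(ready, key=lambda r: (r.allowable_outage_h, order[r.name]))
        team = min(range(teams), key=free_at.__getitem__)
        deps_ready = max((done[d][1] for d in nxt.depends_on), default=0.0)
        start = max(free_at[team], deps_ready)
        finish = start + nxt.restore_h
        free_at[team] = finish
        done[nxt.name] = (start, finish)
    return done


def breaches(resources, plan):
    """Resources whose restore finishes after their allowable outage time."""
    return [r.name for r in resources if plan[r.name][1] > r.allowable_outage_h]


if __name__ == "__main__":
    for teams in (1, 2):
        plan = schedule(BIA, teams)
        print(f"--- {teams} recovery team(s) ---")
        for r in sorted(BIA, key=lambda r: plan[r.name][0]):
            start, finish = plan[r.name]
            flag = "LATE" if finish > r.allowable_outage_h else "ok"
            print(f"{r.name:22} {priority(r.allowable_outage_h):6} "
                  f"{start:5.1f}h -> {finish:5.1f}h  limit {r.allowable_outage_h:>4}h  {flag}")
        print("breaches:", breaches(BIA, plan) or "none")
```

With the constructed figures, one team restoring sequentially finishes the Database Server at 8.5 hours, past its 8-hour limit, while two teams meet every limit.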
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
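Added example (not part of the original slides): the parity technique and the RAID-5 layout described above, worked through in Python. Parity is computed as a byte-wise XOR, the parity block rotates across the disks, and a single failed disk is rebuilt from the survivors. The function names, the 8-byte block size and the sample data are assumptions made for this illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, n_disks):
    """Distributed parity: the parity block moves one disk per stripe."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks over n_disks; each stripe holds n-1 data blocks + 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // stripe_bytes):
        chunk = padded[stripe_no * stripe_bytes:(stripe_no + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe_no, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Rebuild the one failed disk (marked None) by XOR-ing the survivors, stripe by stripe."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        # Single parity tolerates exactly one failure; two lost disks are unrecoverable.
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    repaired = list(disks)
    repaired[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return repaired


def raid5_read(disks, n_bytes):
    """Reassemble the original data, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk_for(stripe_no, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe_no]
    return bytes(out[:n_bytes])


def usable_capacity(level, drive_sizes):
    """Array capacity as stated on the slides above for RAID 0, 1, 3, 4 and 5."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # no redundancy
    if level == 1 and n == 2:
        return smallest                # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    raise ValueError("unsupported level or drive count")


def demo():
    """Lose disk 2 of a four-disk array and recover it. Sample data is constructed."""
    data = b"CONSTRUCTED sample: ledger entries 0001-0042 for the RAID-5 walk-through"
    disks = raid5_write(data, n_disks=4, block_size=8)
    degraded = list(disks)
    degraded[2] = None                 # simulate a failed drive
    repaired = raid5_rebuild(degraded)
    return repaired[2] == disks[2], raid5_read(repaired, len(data)) == data


if __name__ == "__main__":
    print(demo())
```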
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 20
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
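Added example (not part of the original slides): a small Python model of the parity and RAID-5 slides above, showing block-level striping with distributed parity, the rebuild of one failed drive from the survivors, and the refusal to rebuild after a second failure. The 4-byte block size, the parity rotation order, the function names and the sample data are assumptions made for the illustration.

```python
from functools import reduce

BLOCK = 4  # stripe unit in bytes (assumed; tiny so the layout is easy to inspect)

# Constructed sample data, not taken from the slides.
SAMPLE = b"inventory-db page 1: hub qty=6; printer qty=1; desktop qty=50"


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_drives):
    """Stripe data over n_drives, one rotating parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    per_stripe = n_drives - 1              # data blocks in each stripe
    stripe_bytes = BLOCK * per_stripe
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * BLOCK:(i + 1) * BLOCK] for i in range(per_stripe)]
        parity_drive = (n_drives - 1 - s) % n_drives   # parity moves each stripe
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive:
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def raid5_rebuild(drives):
    """Replace a failed drive (marked None) with blocks recomputed by XOR."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 survives one failed drive, %d are missing"
                           % len(failed))
    rebuilt = list(drives)
    if failed:
        survivors = [d for d in drives if d is not None]
        # In every stripe, data XOR parity is zero, so the lost block equals
        # the XOR of all surviving blocks of that stripe.
        rebuilt[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return rebuilt


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        parity_drive = (n - 1 - s) % n
        for d in range(n):
            if d != parity_drive:
                out += drives[d][s]
    return bytes(out[:length])


def usable_capacity(drive_sizes):
    """Array capacity from the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, 4)
    degraded = list(array)
    degraded[2] = None                     # simulate loss of drive 2
    restored = raid5_rebuild(degraded)
    print("rebuilt drive matches:", restored[2] == array[2])
    print("data intact:", raid5_read(restored, len(SAMPLE)) == SAMPLE)
```

The same XOR relation is why a second simultaneous drive failure loses data: with two blocks missing from a stripe, one parity equation cannot recover both.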
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
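Added example (not from the original slides): a small Python model of RAID 5 as described above, block-level striping with distributed parity on a four-disk array with a 16 kiB stripe unit. It shows how XOR parity rebuilds any single failed disk and how the array-capacity formula applies. The parity rotation order, function names and sample data are assumptions made for illustration.

```python
"""RAID 5 in miniature: block-level striping with distributed parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations
N_DISKS = 4              # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (the parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID 3, 4 and 5; parity_drives=2 covers RAID 6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks=N_DISKS):
    """Disk holding parity for a stripe. The rotation order is an assumption."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Return one list of stripe units per disk for the given bytes."""
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)
    # Zero-pad to a whole number of stripes so all units have equal length.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        units = [chunk[i * unit:(i + 1) * unit] for i in range(n_disks - 1)]
        remaining = iter(units)
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                disks[disk].append(xor_blocks(units))
            else:
                disks[disk].append(next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate every unit of one failed disk by XOR-ing the survivors.

    Works whether the lost unit held data or parity, because the XOR of all
    units in a stripe (data plus parity) is zero.
    """
    survivors = [units for i, units in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_units) for stripe_units in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity unit per stripe."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        skip = parity_disk_for(stripe, len(disks))
        for disk, units in enumerate(disks):
            if disk != skip:
                out += units[stripe]
    return bytes(out[:length])


def simulate_single_disk_failure(data, failed):
    """Write data, lose one disk, rebuild it, and read the data back."""
    disks = raid5_write(data)
    disks[failed] = None  # the failed disk's contents are gone
    disks[failed] = raid5_rebuild(disks, failed)
    return raid5_read(disks, len(data))


if __name__ == "__main__":
    # Constructed 100 KiB sample "file" (same size as the green file above).
    sample = bytes((i * i + 3 * i) % 251 for i in range(100 * 1024))
    for lost in range(N_DISKS):
        assert simulate_single_disk_failure(sample, lost) == sample
    print("data intact after rebuilding any single failed disk")
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

A second simultaneous disk failure leaves two unknowns per stripe and only one parity equation, which is why RAID 6 adds a second parity and its capacity formula subtracts two drives.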
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
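Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Table values (row and column positions not preserved): 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk Ranking (E) values: High, Moderate, Very High, Low, Very Low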
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other
business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
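The striping and parity techniques from the slides above, together with the RAID-5 capacity rule (size of smallest drive * (no. of drives - 1)), as an added Python example that is not part of the original deck: it stripes constructed sample data in blocks over four simulated disks with rotating parity, drops one disk, and rebuilds it from the survivors. The 4-byte stripe unit, the function names, the parity rotation order and the use of XOR as the parity function are assumptions made for illustration; the slides do not specify them.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed small value so the layout is easy to follow


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Rotate the parity block across the disks (distributed parity, as in RAID-5)."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks):
    """Stripe data in blocks over n_disks, storing one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    per_stripe = (n_disks - 1) * STRIPE_UNIT
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe_no, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        p = parity_disk(stripe_no, n_disks)
        data_iter = iter(blocks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot recover")
    # XOR of all surviving blocks in a stripe yields the missing block,
    # whether that block held data or parity.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity block in each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk(stripe_no, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Usable capacity: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    record = b"LEDGER 2024-03: debit 1500.00 credit 1500.00"  # constructed sample data
    disks = write_array(record, n_disks=4)
    disks[2] = None                    # simulate losing one drive
    disks[2] = rebuild_disk(disks, 2)  # rebuild it from the remaining data and parity
    return read_array(disks, len(record)) == record


if __name__ == "__main__":
    print("recovered after single-disk failure:", demo())
    print("usable GB, 4 x 500 GB, single parity:", array_capacity([500] * 4))
```

Passing `parity_drives=2` to `array_capacity` gives the RAID-6 figure from the later slide; the rebuild routine itself models single parity only, which is why a second lost disk raises an error.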
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
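The striping, parity and array-capacity figures from the RAID slides above, worked through as an added example (not part of the original slides). Function names, the rotating parity placement, the assumption that a file starts on drive 0, and the sample data are all constructed for illustration.

```python
"""Added illustration of the RAID slides: striping, XOR parity, usable capacity."""
from functools import reduce

STRIPE_KIB = 16  # stripe size quoted in the slides' illustrations


def raid0_layout(file_kib, drives=4, stripe_kib=STRIPE_KIB):
    """KiB of one file landing on each drive of a RAID 0 array.

    Assumption: the file starts on drive 0 (the slides do not say where)."""
    per_drive = [0] * drives
    stripe, remaining = 0, file_kib
    while remaining > 0:
        chunk = min(stripe_kib, remaining)
        per_drive[stripe % drives] += chunk
        remaining -= chunk
        stripe += 1
    return per_drive


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR of all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, drives):
    """Disk holding parity for a row; rotation order is an assumed layout."""
    return (drives - 1 - row) % drives


def raid5_write(data, drives=4, block=4):
    """Lay data out as rows of (drives-1) data blocks plus one parity block."""
    row_bytes = (drives - 1) * block
    padded = data + bytes(-len(data) % row_bytes)  # zero-pad the last row
    disks = [[] for _ in range(drives)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(drives - 1)]
        pending = iter(chunks)
        for d in range(drives):
            is_parity = d == parity_disk(row, drives)
            disks[d].append(xor_blocks(chunks) if is_parity else next(pending))
    return disks


def raid5_rebuild(disks, failed):
    """Rebuild one failed disk from the survivors, row by row."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping each row's parity block."""
    drives, out = len(disks), bytearray()
    for row in range(len(disks[0])):
        for d in range(drives):
            if d != parity_disk(row, drives):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - overhead).

    RAID 0 with unequal drives is treated as smallest * n (assumption; the
    slides only state 100% efficiency for identical drives)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    overhead = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}
    if level not in minimum:
        raise ValueError(f"RAID-{level} is not covered by this example")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < minimum[level]:
        raise ValueError(f"RAID-{level} needs at least {minimum[level]} disks")
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 disks")
        return smallest
    return smallest * (n - overhead[level])


if __name__ == "__main__":
    for name, size in [("red", 4), ("blue", 20), ("green", 100), ("magenta", 500)]:
        print(f"{name:8s}{size:4d} kiB -> per drive {raid0_layout(size)}")
    sample = b"constructed ledger rows 0001-0042"  # constructed sample data
    array = raid5_write(sample)
    array[2] = raid5_rebuild(array, failed=2)  # simulate losing disk 2
    print("recovered:", raid5_read(array, len(sample)) == sample)
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
```

The rebuild works for any single failed disk because each row's parity is the XOR of its data blocks; losing two disks in the same array is not recoverable with single parity, which is the case RAID-6's dual parity addresses.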
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
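The allowable outage times and recovery priorities from the two tables can be checked against a proposed recovery sequence. The following is an added example, not part of the original slides: it orders resources by recovery priority, schedules them across the available recovery teams, and flags any resource restored later than its allowable outage time. The restore-hour estimates and the team counts are constructed assumptions.

```python
import heapq
from dataclasses import dataclass

# Priority labels as used in the slide's recovery-priority table.
PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}


@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: float  # from the slide's outage-impact table
    priority: str              # from the slide's recovery-priority table
    restore_h: float           # constructed estimate (assumption)


@dataclass(frozen=True)
class Step:
    name: str
    priority: str
    start_h: float
    finish_h: float
    within_allowable_outage: bool


# Resources that appear in both slide tables. restore_h values are constructed.
RESOURCES = [
    Resource("Authentication Server", 8, "High", 2.0),
    Resource("Database Server", 8, "High", 4.0),
    Resource("E-mail Server", 2 * 24, "Medium", 4.0),
    Resource("5 Desktop Computers", 8, "High", 2.0),
    Resource("Hub", 8, "High", 1.0),
    Resource("Printer", 4 * 24, "Medium", 1.0),
]


def plan_recovery(resources, teams=1):
    """Schedule restores by priority, then by tightest allowable outage.

    Each recovery team restores one resource at a time; the next resource
    goes to whichever team becomes free first. Hours count from the start
    of the outage.
    """
    if teams < 1:
        raise ValueError("at least one recovery team is required")
    for r in resources:
        if r.priority not in PRIORITY_RANK:
            raise ValueError(f"unknown priority {r.priority!r} for {r.name}")

    # sorted() is stable, so equal-ranked resources keep their table order.
    ordered = sorted(
        resources,
        key=lambda r: (PRIORITY_RANK[r.priority], r.allowable_outage_h),
    )
    free_at = [0.0] * teams  # min-heap of the hour each team becomes free
    heapq.heapify(free_at)

    plan = []
    for r in ordered:
        start = heapq.heappop(free_at)
        finish = start + r.restore_h
        heapq.heappush(free_at, finish)
        plan.append(
            Step(r.name, r.priority, start, finish,
                 finish <= r.allowable_outage_h)
        )
    return plan


def breaches(plan):
    """Names of resources restored after their allowable outage time."""
    return [s.name for s in plan if not s.within_allowable_outage]


if __name__ == "__main__":
    for teams in (1, 2):
        plan = plan_recovery(RESOURCES, teams=teams)
        print(f"--- {teams} recovery team(s) ---")
        for s in plan:
            flag = "ok" if s.within_allowable_outage else "EXCEEDS ALLOWABLE OUTAGE"
            print(f"{s.name:24} {s.priority:6} "
                  f"{s.start_h:5.1f}h -> {s.finish_h:5.1f}h  {flag}")
        print("breaches:", breaches(plan) or "none")
```

With these constructed estimates a single team restores the hub at hour 9, past its 8-hour allowable outage, while two teams bring every resource back within its limit.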
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Columns: Page No.; Change Comment; Date of Change; Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
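Added example, not part of the original slides: one way to check a network map for the single points of failure named above is to list the devices and cables whose individual loss splits the network. The device names, links and function name are constructed for illustration.

```python
"""Find single points of failure (SPOFs) in a network topology map."""
from collections import Counter


def find_spofs(links):
    """Return (devices, cables) whose individual failure splits the network.

    links: list of (device_a, device_b) cables; list a pair twice to model
    redundant cabling between the same two devices.
    """
    cable_count = Counter(frozenset(link) for link in links)
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)

    order, low = {}, {}      # DFS discovery order / lowest order reachable
    devices, cables = set(), set()

    def visit(node, parent):
        order[node] = low[node] = len(order)
        children = 0
        for nxt in sorted(graph[node]):
            if nxt == parent:
                continue
            if nxt in order:             # back edge: an alternate path exists
                low[node] = min(low[node], order[nxt])
                continue
            children += 1
            visit(nxt, node)
            low[node] = min(low[node], low[nxt])
            # nxt's side of the network is reachable only through this device
            if parent is not None and low[nxt] >= order[node]:
                devices.add(node)
            # ... and only through this one cable
            if low[nxt] > order[node] and cable_count[frozenset((node, nxt))] == 1:
                cables.add(tuple(sorted((node, nxt))))
        if parent is None and children > 1:
            devices.add(node)

    for start in sorted(graph):
        if start not in order:
            visit(start, None)
    return devices, cables


# Constructed sample: every device cabled once to a single hub.
SINGLE_HUB = [
    ("desktop-1", "hub-a"), ("desktop-2", "hub-a"),
    ("hub-a", "auth-server"), ("hub-a", "db-server"), ("hub-a", "email-server"),
]
# Redundant devices: a second hub, with every device cabled to both hubs.
DUAL_HUB = SINGLE_HUB + [
    ("desktop-1", "hub-b"), ("desktop-2", "hub-b"),
    ("hub-b", "auth-server"), ("hub-b", "db-server"), ("hub-b", "email-server"),
]

if __name__ == "__main__":
    for name, topology in (("single hub", SINGLE_HUB), ("dual hub", DUAL_HUB)):
        spof_devices, spof_cables = find_spofs(topology)
        print(name, "- devices:", sorted(spof_devices), "cables:", sorted(spof_cables))
```

Doubling only the cables (SINGLE_HUB listed twice) clears the cable findings but still reports hub-a, which is why the slide pairs redundant cabling with redundant devices.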
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
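Added example, not part of the original slides: a small Python model of the parity technique and the RAID-5 layout described above, showing that the XOR of the surviving blocks in a row rebuilds the block of one failed disk, together with the array-capacity formulas from the RAID-0 to RAID-6 slides. The parity rotation order, function names and sample data are assumptions chosen for illustration.

```python
"""RAID-5 style block striping with distributed XOR parity (teaching model)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_write(data, n_disks, stripe):
    """Stripe data over n_disks; returns one list of blocks per disk.

    Every row stores n_disks-1 data blocks plus one parity block, and the
    parity block sits on a different disk in each row (distributed parity).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)   # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks  # assumed rotation order
        pending = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_disk else next(pending))
    return disks


def raid5_read(disks, length):
    """Reassemble the data; a failed disk is passed as None and rebuilt."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover from two failed disks")
    n_disks = len(disks)
    rows = len(next(disk for disk in disks if disk is not None))
    out = bytearray()
    for row in range(rows):
        parity_disk = (n_disks - 1 - row) % n_disks
        for d in range(n_disks):
            if disks[d] is None:
                # XOR of all surviving blocks in the row equals the lost block
                block = xor_blocks([disks[s][row] for s in range(n_disks) if s != d])
            else:
                block = disks[d][row]
            if d != parity_disk:
                out += block
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' formulas (sizes in any single unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest                      # 50% if drives identical
    # level: (minimum disks, drives' worth of space given up to parity)
    rules = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}
    minimum, parity_drives = rules[level]
    if n < minimum:
        raise ValueError(f"RAID-{level} needs a minimum of {minimum} hard disks")
    return smallest * (n - parity_drives)


if __name__ == "__main__":
    sample = bytes(range(100))               # constructed sample data
    array = raid5_write(sample, n_disks=4, stripe=16)
    array[2] = None                           # simulate the loss of one disk
    print("rebuilt correctly:", raid5_read(array, len(sample)) == sample)
    print("RAID-5, 4 x 500:", usable_capacity(5, [500] * 4))
```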
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Cell values (row and column positions not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their system qualifies as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
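Added example, not from the original slides: Python that stripes data across the four-disk, 16 KiB array used in the illustrations, computes parity with XOR (the usual RAID parity calculation), and rebuilds a failed disk. The parity rotation order, the function names and the 100 KiB sample payload are assumptions constructed for the example; `usable_capacity` applies the slides' array capacity formula (`parity_drives=2` gives the RAID-6 form).

```python
"""RAID 0 striping and RAID 5 distributed parity on a four-disk, 16 KiB-stripe array."""

STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size, as in the slide illustrations
DISKS = 4                 # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks together."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def raid0_disks_touched(file_size, start_unit=0, disks=DISKS, unit=STRIPE_UNIT):
    """Disks a file occupies when striped without parity (RAID 0)."""
    units = -(-file_size // unit)                      # ceiling division
    return {(start_unit + u) % disks for u in range(units)}


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    """Block-level striping with distributed parity; survives one failed disk."""

    def __init__(self, disks=DISKS, unit=STRIPE_UNIT):
        self.n, self.unit, self.stripes = disks, unit, 0
        self.disks = [{} for _ in range(disks)]        # per disk: stripe no. -> block

    def parity_disk(self, stripe):
        # Assumed rotation (layouts differ between controllers): parity sits on
        # the last disk for stripe 0 and moves one disk to the left per stripe.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Store data from stripe 0 onward, zero-padding the final stripe."""
        per_stripe = self.unit * (self.n - 1)
        data += bytes(-len(data) % per_stripe)
        self.stripes = len(data) // per_stripe
        for s in range(self.stripes):
            chunk = data[s * per_stripe:(s + 1) * per_stripe]
            units = [chunk[i:i + self.unit] for i in range(0, per_stripe, self.unit)]
            p = self.parity_disk(s)
            data_disks = [d for d in range(self.n) if d != p]
            for d, block in zip(data_disks, units):
                self.disks[d][s] = block
            self.disks[p][s] = xor_blocks(units)

    def fail(self, disk):
        """Simulate losing a whole disk."""
        self.disks[disk] = None

    def _block(self, disk, stripe):
        """Return a block, recomputing it from the survivors if its disk is gone."""
        if self.disks[disk] is not None:
            return self.disks[disk][stripe]
        survivors = [d[stripe] for d in self.disks if d is not None]
        if len(survivors) != self.n - 1:
            raise RuntimeError("more than one disk failed: stripe cannot be recovered")
        return xor_blocks(survivors)

    def read(self, length):
        """Read back the data; works in degraded mode with one disk failed."""
        out = bytearray()
        for s in range(self.stripes):
            p = self.parity_disk(s)
            for d in range(self.n):
                if d != p:
                    out += self._block(d, s)
        return bytes(out[:length])

    def rebuild(self, disk):
        """Repopulate a replaced disk from data and parity on the other disks."""
        blocks = {s: self._block(disk, s) for s in range(self.stripes)}
        self.disks[disk] = blocks


def demo():
    """Write a file, lose disk 2, read in degraded mode, then rebuild disk 2."""
    payload = bytes(range(256)) * 400                  # constructed 100 KiB "file"
    array = Raid5()
    array.write(payload)
    before = dict(array.disks[2])
    array.fail(2)
    degraded_ok = array.read(len(payload)) == payload
    array.rebuild(2)
    return degraded_ok, array.disks[2] == before


if __name__ == "__main__":
    print(demo())
```

A second simultaneous disk failure raises `RuntimeError`, which is the single-failure limit behind the "Fault tolerance good" rating on the RAID-5 slide.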
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
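Added example, not from the original slides: Python that parses the allowable outage times in the table above, orders the resources for recovery, and lists those still down after their allowable outage time has passed. The High/Medium/Low cut-offs are assumptions chosen to agree with the Develop Recovery Priorities slide, and the function names are hypothetical.

```python
"""Turn the BIA outage table into an ordered recovery list."""
import re

# Rows of the "Outage Impact & Allowable Outage Times" slide.
BIA = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]

UNIT_HOURS = {"hour": 1, "day": 24, "week": 24 * 7}


def to_hours(text):
    """Parse an allowable outage time such as '8 hours' or '2 days' into hours."""
    m = re.fullmatch(r"\s*(\d+)\s*(hour|day|week)s?\s*", text.lower())
    if m is None:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(m.group(1)) * UNIT_HOURS[m.group(2)]


def priority(hours, high_max=8, medium_max=96):
    """Assumed cut-offs (not on the slides): <= 8 h High, <= 4 days Medium, else Low."""
    if hours <= high_max:
        return "High"
    return "Medium" if hours <= medium_max else "Low"


def recovery_order(bia=BIA):
    """Resources sorted by allowable outage time, tightest first, with priority."""
    rows = [(name, to_hours(aot), priority(to_hours(aot))) for name, _, aot in bia]
    return sorted(rows, key=lambda r: r[1])            # stable: ties keep BIA order


def breached(elapsed_hours, restored, bia=BIA):
    """Resources still down after their allowable outage time has passed."""
    return [name for name, hours, _ in recovery_order(bia)
            if name not in restored and elapsed_hours > hours]


if __name__ == "__main__":
    for name, hours, prio in recovery_order():
        print(f"{prio:<6} {hours:>3} h  {name}")
    print(breached(10, {"Authentication Server", "Database Server"}))
```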
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
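Added example (not part of the original slides): a minimal Python model of the block-level striping with distributed parity described for RAID-5, using the four-disk, 16 kiB stripe layout from the illustrations. It rebuilds a failed drive from XOR parity and applies the slides' array capacity formula; the function names, the parity rotation order and the sample file are assumptions made for illustration.

```python
STRIPE = 16 * 1024  # 16 kiB stripe unit, as in the slides' illustrations


def xor_blocks(blocks):
    """XOR equal-length blocks together; this is the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_drive_for(row, n_drives):
    """Drive that holds parity for a given row.

    The rotation order is an assumption; real controllers use several layouts.
    """
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives=4, stripe=STRIPE):
    """Stripe data over n_drives with one rotating parity block per row.

    Returns a list of drives, each a list of stripe-sized blocks.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = n_drives - 1
    # Cut the data into stripe units, zero-padding the last one.
    chunks = [data[i:i + stripe].ljust(stripe, b"\0")
              for i in range(0, len(data), stripe)]
    # Pad with empty units so the last row is complete.
    while len(chunks) % per_row:
        chunks.append(bytes(stripe))
    drives = [[] for _ in range(n_drives)]
    for row in range(len(chunks) // per_row):
        row_data = chunks[row * per_row:(row + 1) * per_row]
        parity = xor_blocks(row_data)
        p = parity_drive_for(row, n_drives)
        remaining = iter(row_data)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    Works for data and parity blocks alike: XOR of all other blocks in a row
    yields the missing one.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block of each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive_for(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID-3/4/5, parity_drives=2 covers RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    # Constructed sample: a 100 kiB file, the size of the "green" file.
    sample = bytes(i % 251 for i in range(100 * 1024))
    array = raid5_write(sample)
    lost = 2
    expected = array[lost]
    array[lost] = rebuild_drive(array, lost)  # simulate replacing drive 2
    print("drive rebuilt correctly:", array[lost] == expected)
    print("data intact:", raid5_read(array, len(sample)) == sample)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

Single parity recovers exactly one missing drive per array; a second failure before the rebuild completes loses data, which is the case RAID-6's dual parity addresses.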
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green
is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Number of hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
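The parity and RAID-5 slides above, worked through as an added Python example (not part of the original slides): a 100 kiB file is striped over four disks with a 16 kiB stripe unit, XOR parity rotates across the disks, and one failed disk is rebuilt from the survivors. The function names, the sample data and the parity rotation order are assumptions chosen for illustration.

```python
STRIPE_UNIT = 16 * 1024  # 16 kiB, the stripe size used in the slide illustrations


def xor_blocks(blocks):
    """Parity calculation: bytewise XOR of equal-length blocks."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def usable_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe_no, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    for stripe_no, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity_at = parity_disk(stripe_no, n_disks)
        data_blocks = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_at
                            else next(data_blocks))
    return disks


def rebuild(disks):
    """Rebuild the single failed disk (marked None) from the surviving disks.

    Data blocks XOR parity block is all zeros in every stripe, so any one
    missing block equals the XOR of the other blocks in that stripe.
    """
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    repaired = list(disks)
    repaired[missing[0]] = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return repaired


def read_array(disks, length):
    """Reassemble the original byte stream, skipping the parity blocks."""
    n = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_at = parity_disk(stripe_no, n)
        for d in range(n):
            if d != parity_at:
                out += disks[d][stripe_no]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = bytes(range(256)) * 400          # constructed 100 kiB sample "file"
    array = write_array(sample)
    print("blocks per disk:", [len(d) for d in array])
    for failed in range(len(array)):
        degraded = list(array)
        degraded[failed] = None               # simulate one disk failure
        ok = read_array(rebuild(degraded), len(sample)) == sample
        print(f"disk {failed} failed -> data recovered: {ok}")
    try:
        rebuild([None, None] + array[2:])     # two failures exceed single parity
    except ValueError as exc:
        print("two disks failed ->", exc)
```

A second simultaneous failure is not recoverable with single parity, which is the gap the dual distributed parity of RAID-6 closes.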
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
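The striping, parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: a constructed 500 kiB file is striped over four disks in 16 kiB blocks with rotating parity, one disk is lost, and its contents are recomputed from the survivors. The function names, the parity rotation order and the sample file are assumptions chosen for illustration.

```python
from functools import reduce

STRIPE = 16 * 1024  # 16 kiB stripe size, as in the slide illustrations

# Constructed sample input: a 500 kiB "file" like the magenta one on the slides.
SAMPLE_FILE = bytes(i % 251 for i in range(500 * 1024))


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding the parity block of a given row (assumed rotation order)."""
    return (n_disks - 1 - row) % n_disks


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, stripe=STRIPE):
    """Block-level striping with distributed parity.

    Each row holds n_disks - 1 data blocks plus one parity block; the
    parity position moves to a different disk on every row.
    """
    disks = [[] for _ in range(n_disks)]
    per_row = (n_disks - 1) * stripe
    for row, offset in enumerate(range(0, len(data), per_row)):
        chunk = data[offset:offset + per_row].ljust(per_row, b"\0")
        blocks = [chunk[i:i + stripe] for i in range(0, per_row, stripe)]
        data_blocks = iter(blocks)
        p = parity_disk(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    XOR of the survivors in a row yields the missing block, whether that
    block held data or parity. Single parity covers one lost disk only.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length, stripe=STRIPE):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def simulate_single_disk_failure(data, n_disks=4, failed=2):
    """Write, lose one disk, rebuild it, and confirm the data reads back intact."""
    disks = write_raid5(data, n_disks)
    original = disks[failed]
    disks[failed] = None                      # the drive is gone
    disks[failed] = rebuild_disk(disks, failed)
    return disks[failed] == original and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuilt after one failure:", simulate_single_disk_failure(SAMPLE_FILE))
    print("usable capacity, 4 x 500 GB, RAID 5:", usable_capacity([500] * 4))
    print("usable capacity, 4 x 500 GB, RAID 6:", usable_capacity([500] * 4, 2))
```
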
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical: Data, Information, Software, Documentation
Physical: People, Hardware, Facilities, Documentation, Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization’s employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
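Added example (not part of the original slides): block level striping with distributed parity as described for RAID-5, showing how XOR parity lets one failed disk be rebuilt, plus the array capacity formulas given on the RAID level slides. Function names, the rotating parity layout and the sample sizes are assumptions made for illustration; RAID-0 capacity for unequal drives is taken as smallest drive times number of drives.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed layout: parity rotates from the last disk backwards."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block):
    """Stripe data over n_disks; each stripe holds n-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        pdisk = parity_disk_for(stripe, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == pdisk else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        pdisk = parity_disk_for(stripe, n)
        for d in range(n):
            if d != pdisk:
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) from the survivors.

    Data XOR parity over a full stripe is all zeros, so the missing block
    is the XOR of every surviving block in that stripe.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks([d[s] for d in survivors])
               for s in range(len(survivors[0]))]
    restored = list(disks)
    restored[failed[0]] = rebuilt
    return restored


def usable_capacity(level, sizes):
    """Array capacity per the slides: smallest drive * number of data disks."""
    n, smallest = len(sizes), min(sizes)
    rules = {          # level: (minimum disks, disks' worth of usable space)
        "0": (2, n),
        "1": (2, 1),
        "3": (3, n - 1),
        "4": (3, n - 1),
        "5": (3, n - 1),
        "6": (4, n - 2),
    }
    min_disks, data_disks = rules[level]
    if n < min_disks or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    return smallest * data_disks


if __name__ == "__main__":
    # Constructed sample data: a four-disk array with 16-byte blocks.
    payload = bytes(range(256)) * 3 + b"tail"
    array = raid5_write(payload, n_disks=4, block=16)
    degraded = list(array)
    degraded[2] = None                      # simulate one drive failure
    repaired = raid5_rebuild(degraded)
    print("rebuilt disk matches:", repaired == array)
    print("data intact:", raid5_read(repaired, len(payload)) == payload)
    print("RAID-5 capacity (GB):", usable_capacity("5", [500, 500, 500, 400]))
```

A second failed disk makes raid5_rebuild raise, which is the gap the dual distributed parity of RAID-6 closes at the cost of one more disk of capacity.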
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 30
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
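The parity technique and the RAID-5 layout from the slides above, worked through in Python as an added example (it is not part of the original presentation). The function names, the order in which the parity unit rotates across the disks and the sample data are assumptions made for the illustration; the 16 kiB stripe unit, the minimum disk counts and the capacity formula come from the slides.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB, the stripe size quoted in the slides


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks with one rotating parity unit per row.

    Returns (disks, length) where disks[d][row] is the unit held by disk d.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = unit * (n_disks - 1)               # data bytes in one stripe row
    padded = data + bytes(-len(data) % per_row)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        units = [padded[off + i * unit: off + (i + 1) * unit]
                 for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_units))
    return disks, len(data)


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity unit of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk by XOR-ing the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover two failed disks")
    return [xor_blocks([d[row] for d in survivors])
            for row in range(len(survivors[0]))]


def usable_capacity(level, drive_sizes):
    """Array capacity from the slides: smallest drive * (drives - parity drives)."""
    parity_drives = {3: 1, 4: 1, 5: 1, 6: 2}[level]
    minimum = 4 if level == 6 else 3
    if len(drive_sizes) < minimum:
        raise ValueError(f"RAID-{level} needs at least {minimum} hard disks")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write a constructed 100 KiB file to 4 disks, lose disk 2, rebuild it."""
    data = bytes(range(256)) * 400               # constructed sample data
    disks, length = write_raid5(data, n_disks=4)
    original = disks[2]
    disks[2] = None                              # simulated drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original and read_raid5(disks, length) == data


if __name__ == "__main__":
    print("rebuilt disk matches and data reads back:", demo())
    print("RAID-5, four 500 GB drives:", usable_capacity(5, [500] * 4), "GB")
    print("RAID-6, four 500 GB drives:", usable_capacity(6, [500] * 4), "GB")
```

Because the parity unit is the XOR of the data units in its row, the same rebuild routine restores a lost data unit or a lost parity unit; a second simultaneous failure is rejected, which is the gap RAID-6's dual parity closes.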
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before images
Logging after images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 31
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization's business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
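The three backup techniques differ most at restore time, in which media must be retrieved and what happens when one of them cannot be read. The sketch below is an added example, not part of the original slides; the catalogue, the media labels and the rule that an incremental holds changes since the last full or incremental (a differential does not reset that marker) are assumptions.

```python
from collections import namedtuple

Backup = namedtuple("Backup", "taken kind media")

# Constructed one-week catalogue; times and media labels are made up.
CATALOG = [
    Backup("2024-03-03T01:00", "full", "F-0303"),
    Backup("2024-03-04T01:00", "incremental", "I-0304"),
    Backup("2024-03-05T01:00", "incremental", "I-0305"),
    Backup("2024-03-06T01:00", "differential", "D-0306"),
    Backup("2024-03-07T01:00", "incremental", "I-0307"),
    Backup("2024-03-08T01:00", "incremental", "I-0308"),
]


def restore_plan(catalog, restore_point, unreadable=frozenset()):
    """Return (media in apply order, point in time actually recoverable).

    Assumed semantics: a differential holds every change since the last
    full backup; an incremental holds changes since the last full or
    incremental backup.
    """
    usable = sorted(b for b in catalog if b.taken <= restore_point)
    fulls = [b for b in usable
             if b.kind == "full" and b.media not in unreadable]
    if not fulls:
        raise LookupError("no readable full backup at or before restore point")
    base = fulls[-1]

    # Only backups taken between this full and the next full depend on it.
    window = []
    for b in usable:
        if b.taken <= base.taken:
            continue
        if b.kind == "full":  # a later, unreadable full breaks the chain
            break
        window.append(b)

    # The newest readable differential replaces everything before it.
    diffs = [b for b in window
             if b.kind == "differential" and b.media not in unreadable]
    chain = [base] + diffs[-1:]
    start = chain[-1].taken

    # Incrementals must then be applied in order; one bad tape ends the chain.
    for b in window:
        if b.kind != "incremental" or b.taken <= start:
            continue
        if b.media in unreadable:
            break
        chain.append(b)
    return [b.media for b in chain], chain[-1].taken


if __name__ == "__main__":
    print(restore_plan(CATALOG, "2024-03-08T12:00"))
    print(restore_plan(CATALOG, "2024-03-08T12:00", unreadable={"I-0307"}))
```

With tape I-0307 unreadable, the plan stops at the differential from 6 March: two days of changes are lost even though the later tape I-0308 is intact.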
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
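The parity slide and the RAID level slides above can be checked in a few lines: parity is the XOR of the data blocks in a stripe, so any one lost block is the XOR of the survivors. This is an added example, not part of the original slides; the sample data, block size and parity rotation order are assumptions, while the minimum disk counts and capacity formulas are the ones stated on the slides.

```python
from functools import reduce

# Constructed sample data; disk count and block size used below are illustrative.
SAMPLE = b"ledger 0001 credit 250.00; ledger 0002 debit 75.50; ledger 0003 credit 12.00"


def xor_blocks(blocks):
    """Parity of a stripe: XOR equal-length blocks byte by byte."""
    blocks = list(blocks)
    if len({len(b) for b in blocks}) != 1:
        raise ValueError("blocks in one stripe must be the same length")
    return bytes(reduce(lambda x, y: x ^ y, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Which disk holds parity for a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def build_raid5(data, n_disks, block_size):
    """Block-level striping with distributed parity; returns per-disk block lists."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_data(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # striping only, no redundancy
    if level == 1 and n == 2:
        return smallest                # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual parity
    raise ValueError("unsupported RAID level or too few disks for it")


if __name__ == "__main__":
    array = build_raid5(SAMPLE, n_disks=4, block_size=8)
    array[2] = rebuild_disk(array, failed=2)   # replace a failed disk
    print(read_data(array, len(SAMPLE)) == SAMPLE)
    print(usable_capacity(5, [500, 500, 500, 500]), "GB usable")
```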
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 32
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
Logical
•
•
•
•
Data
Information
Software
Documentation
•
•
•
•
•
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Columns: Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
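Added example (not from the original slides): a small Python model of the parity technique and the RAID-5 layout described above, showing XOR parity, rebuild of one failed disk, and the array-capacity formula. The function names, the parity rotation order, zero-padding of the last stripe and the sample data are assumptions made for this illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches the RAID-3/4/5 formula, 2 matches RAID-6.
    """
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("not enough drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk that holds parity for a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Block-level striping with distributed parity.

    Returns one list of blocks per disk; block s of every disk forms stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    # Pad the tail with zero bytes so the data fills whole stripes.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunks = [
            padded[offset + i * block_size: offset + (i + 1) * block_size]
            for i in range(n_disks - 1)
        ]
        parity = xor_blocks(chunks)
        data_blocks = iter(chunks)
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                disks[disk].append(parity)
            else:
                disks[disk].append(next(data_blocks))
    return disks


def read_raid5(disks, n_bytes):
    """Reassemble the data blocks in order, skipping each stripe's parity."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:n_bytes])


def rebuild_disk(disks, failed):
    """Recreate a failed disk: each lost block is the XOR of the surviving
    blocks in the same stripe, whether the lost block was data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


if __name__ == "__main__":
    # Constructed sample data, 772 bytes, on a four-disk array, 16-byte blocks.
    sample = bytes(range(256)) * 3 + b"tail"
    array = write_raid5(sample, n_disks=4, block_size=16)
    print("stripes per disk:", len(array[0]))
    array[2] = None                      # simulate loss of disk 2
    array[2] = rebuild_disk(array, 2)    # rebuild from the other three
    print("data intact after rebuild:", read_raid5(array, len(sample)) == sample)
    print("usable capacity (GB):", usable_capacity([500, 500, 400, 500]))
```
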
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 33
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
Logical
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                    Allowable Outage Time
Authentication Server   User could not access Inventory System           8 hours
Database Server         User could not access Inventory System           8 hours
E-mail Server           User could not send e-mail                       2 days
5 Desktop Computers     User could not access Inventory System           8 hours
Hub                     User could not access Inventory System           8 hours
Network Cabling         User could not access Inventory System           8 hours
Electric Power          User could not access Inventory System           8 hours
Printer                 User could not produce Inventory Reports         4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
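The parity and array-capacity rules from the RAID slides above, as an added worked example that is not part of the original deck. The capacity function follows the slides' formulas; XOR as the parity calculation, the rotating parity placement, the 4-byte chunk size and the sample data are assumptions of this sketch.

```python
from functools import reduce
from operator import xor

# Minimum drive counts as stated on the RAID level slides.
MIN_DRIVES = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity per the slide formulas (sizes in any one unit)."""
    if level not in MIN_DRIVES:
        raise ValueError(f"unsupported RAID level: {level}")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DRIVES[level] or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    if level == "0":
        return smallest * n          # assumption: mixed drives stripe at the smallest size
    if level == "1":
        return smallest              # mirroring: 50% efficiency with identical drives
    if level == "6":
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, chunk=4):
    """Stripe data over n_drives with one rotating parity block per stripe."""
    per_stripe = n_drives - 1
    stripe_bytes = per_stripe * chunk
    padded = data + b"\0" * (-len(data) % stripe_bytes)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // stripe_bytes):
        base = s * stripe_bytes
        chunks = [padded[base + i * chunk: base + (i + 1) * chunk]
                  for i in range(per_stripe)]
        pending = iter(chunks)
        for d in range(n_drives):
            is_parity = d == parity_drive_for(s, n_drives)
            drives[d].append(xor_blocks(chunks) if is_parity else next(pending))
    return drives


def raid5_rebuild(drives):
    """Rebuild one failed drive (marked None) from the survivors."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        # Single parity cannot solve for two unknowns: this is a restore-from-backup event.
        raise RuntimeError("RAID-5 tolerates one failed drive; restore from backup")
    if not failed:
        return drives
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(len(drives)):
            if d != parity_drive_for(s, len(drives)):
                out += drives[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample: inventory ledger batch 0042"  # constructed data
    array = raid5_write(sample, 4)
    degraded = list(array)
    degraded[1] = None                       # simulate one drive failure
    healed = raid5_rebuild(degraded)
    print("rebuilt drive matches:", healed[1] == array[1])
    print("data intact:", raid5_read(healed, len(sample)) == sample)
    for level in ("0", "5", "6"):
        print(f"RAID-{level} on 4 x 500 GB:", usable_capacity(level, [500] * 4), "GB")
```

A second simultaneous failure raises instead of returning data, which is why the deck still lists backups and off-site media alongside RAID.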
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because
of its high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
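The striping and parity techniques and the RAID capacity rules from the slides above, worked through as an added Python example that is not part of the original deck. The function names, the 4-byte block size and the sample data are assumptions made for the illustration; it goes slightly beyond the slides by also rebuilding a failed disk from the surviving ones.

```python
"""Added example: block striping with XOR parity, in the RAID-5 arrangement."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks together byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Usable capacity from the capacity rules on the slides (any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    data_drives = {0: n, 1: 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_drives


def parity_disk(stripe, n_disks):
    """Distributed parity: the parity block moves to another disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Split data into stripes of n_disks-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        blocks.insert(parity_disk(stripe, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def raid5_rebuild(disks):
    """Recompute the one failed disk (marked None) from the surviving disks."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [disk for disk in disks if disk is not None]
    # Data XOR parity is zero across a stripe, so the missing block is the
    # XOR of every block that survived, whether it held data or parity.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if disk is None else disk for disk in disks]


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        skip = parity_disk(stripe, n_disks)
        for index in range(n_disks):
            if index != skip:
                out += disks[index][stripe]
    return bytes(out[:length])


# Constructed sample input, not data from the slides.
SAMPLE = b"2024-03-31 ledger: constructed accounting records for the demo"


def demo():
    """Write to four disks, lose disk 2, rebuild it and read the data back."""
    disks = raid5_write(SAMPLE, n_disks=4, block_size=4)
    degraded = [None if i == 2 else disk for i, disk in enumerate(disks)]
    recovered = raid5_read(raid5_rebuild(degraded), len(SAMPLE))
    return recovered == SAMPLE


if __name__ == "__main__":
    print("rebuild after losing disk 2 succeeded:", demo())
    print("4 x 500 GB as RAID-5:", usable_capacity(5, [500] * 4), "GB usable")
```

A second simultaneous disk failure raises an error in raid5_rebuild, which is the case the dual parity of RAID-6 exists to cover.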
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 35
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
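The parity rebuild that RAID-5 depends on, as an added Python example that is not part of the original slides. The 4-byte block size, the function names and the sample record are constructed for illustration, and XOR is assumed as the parity function (the slides say only that parity is calculated from the actual data values).

```python
"""Toy in-memory model of RAID-5: block striping with distributed XOR parity."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy value (real arrays use KiB-sized stripes)
SAMPLE = b"GL-2024-07 ledger: opening 1200.50, closing 980.25"  # constructed sample data


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Rotate the parity block across disks so no single disk holds all parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks; returns a list of disks, each a list of blocks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data = data + bytes(-len(data) % per_stripe)  # zero-pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        # Parity is computed over the data blocks, then placed at its rotated slot.
        blocks.insert(parity_disk(stripe, n_disks), xor_blocks(blocks))
        for d in range(n_disks):
            disks[d].append(blocks[d])
    return disks


def rebuild(disks, failed):
    """Recompute every block of one failed disk from the XOR of the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def recover(disks):
    """disks: list in which a failed disk is None. Returns a repaired array."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        # Single parity cannot solve for two unknowns; this is a backup restore.
        raise RuntimeError("RAID-5 tolerates one failed disk; restore from backup")
    if failed:
        disks = list(disks)
        disks[failed[0]] = rebuild(disks, failed[0])
    return disks


def read_array(disks, length):
    """Reassemble the data by skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes):
    """Array capacity as on the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def demo():
    """Write the sample to a four-disk array, lose one drive, rebuild, read back."""
    disks = write_array(SAMPLE, 4)
    disks[2] = None  # simulate a single drive failure
    return read_array(recover(disks), len(SAMPLE))


if __name__ == "__main__":
    print("data intact after single-disk rebuild:", demo() == SAMPLE)
    print("usable capacity (GB):", usable_capacity([500, 500, 400, 500]))
```

A second simultaneous failure raises an error instead of returning data, which is why a parity array does not replace the off-site backups described earlier in the deck.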
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular because of high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man-made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
The idea of a DRP is to think ahead of actual
events:
How likely is the event
What can be done when it happens
What can be done to lessen its
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
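Added example (not part of the original slides): the parity and RAID-5 slides describe redundancy information calculated from the data and block-level striping with distributed parity. The sketch below stripes a constructed 100 KiB buffer over four disks in 16 KiB units using XOR parity, rebuilds a failed disk from the survivors, and applies the slides' array capacity formula. The function names and the parity rotation order are assumptions made for illustration.

```python
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Disk that holds parity in a given row. Rotating backwards from the
    last disk is one common layout, assumed here for illustration."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Stripe data over n_disks; each row carries one parity unit."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        units = [padded[start + i * stripe: start + (i + 1) * stripe]
                 for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        p = parity_disk_for(row, n_disks)
        remaining = iter(units)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate every block of one failed disk by XOR-ing the survivors.
    Works for data and parity blocks alike; fails if two disks are lost."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping parity units."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 for RAID 3/4/5, 2 for RAID 6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    data = bytes(i % 251 for i in range(100 * 1024))  # constructed sample data
    disks = raid5_write(data, n_disks=4)
    original = disks[2]
    degraded = list(disks)
    degraded[2] = None                                # simulate a failed drive
    degraded[2] = rebuild_disk(degraded, failed=2)
    return degraded[2] == original and raid5_read(degraded, len(data)) == data


if __name__ == "__main__":
    print("disk 2 rebuilt and data intact:", demo())
    print("4 x 500 GB, RAID 5 usable GB:", usable_capacity([500] * 4))
    print("4 x 500 GB, RAID 6 usable GB:", usable_capacity([500] * 4, 2))
```

Because parity is only one unit per row, the same rebuild cannot recover two simultaneous disk failures, which is the gap RAID 6's second parity closes.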
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 37
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
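Added example (not part of the original slides): a Python sketch that turns the allowable outage times from the "Outage Impact & Allowable Outage Times" slide into a recovery sequence and checks a DR test run against them. The priority bands, the dependency map and the restore durations are assumptions made for illustration; only the resource names and allowable outage times come from the slides.

```python
import heapq

# Allowable outage time in hours, from the "Outage Impact & Allowable
# Outage Times" slide (2 days = 48 h, 4 days = 96 h).
ALLOWABLE_OUTAGE_H = {
    "Electric Power": 8,
    "Network Cabling": 8,
    "Hub": 8,
    "Authentication Server": 8,
    "Database Server": 8,
    "5 Desktop Computers": 8,
    "E-mail Server": 48,
    "Printer": 96,
}

# ASSUMPTION: the slides give no dependency information; this map only
# illustrates that a resource cannot come back before what it relies on.
DEPENDS_ON = {
    "Network Cabling": ["Electric Power"],
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Hub"],
    "Database Server": ["Authentication Server"],
    "5 Desktop Computers": ["Hub"],
    "E-mail Server": ["Authentication Server"],
    "Printer": ["Hub"],
}

# CONSTRUCTED sample: hours each restore took during a recovery test.
RESTORE_H = {
    "Electric Power": 1.0,
    "Network Cabling": 2.0,
    "Hub": 0.5,
    "5 Desktop Computers": 2.0,
    "Authentication Server": 1.5,
    "Database Server": 3.0,
    "E-mail Server": 4.0,
    "Printer": 1.0,
}


def priority(allowable_hours):
    """ASSUMED bands that reproduce the High/Medium labels on the slide."""
    if allowable_hours <= 8:
        return "High"
    if allowable_hours <= 96:
        return "Medium"
    return "Low"


def recovery_order(allowable, depends_on):
    """Dependency-respecting order; tightest allowable outage goes first."""
    pending = {r: set(depends_on.get(r, ())) for r in allowable}
    for resource, deps in pending.items():
        unknown = deps - set(allowable)
        if unknown:
            raise ValueError(f"{resource} depends on unlisted {sorted(unknown)}")
    ready = [(allowable[r], r) for r, deps in pending.items() if not deps]
    heapq.heapify(ready)
    order = []
    while ready:
        _, done = heapq.heappop(ready)
        order.append(done)
        for resource, deps in pending.items():
            if done in deps:
                deps.discard(done)
                if not deps:  # last dependency restored, now eligible
                    heapq.heappush(ready, (allowable[resource], resource))
    if len(order) != len(allowable):
        raise ValueError("dependency cycle: no valid recovery order")
    return order


def simulate(order, restore_h, allowable):
    """One recovery team working sequentially: a resource's outage ends
    only when every restore scheduled before it has also finished."""
    clock = 0.0
    report = []
    for resource in order:
        clock += restore_h[resource]
        report.append((resource, clock, clock <= allowable[resource]))
    return report


def breaches(report):
    """Resources whose elapsed outage exceeded the allowable outage time."""
    return [resource for resource, _, ok in report if not ok]


if __name__ == "__main__":
    order = recovery_order(ALLOWABLE_OUTAGE_H, DEPENDS_ON)
    for resource, back_at, ok in simulate(order, RESTORE_H, ALLOWABLE_OUTAGE_H):
        limit = ALLOWABLE_OUTAGE_H[resource]
        print(f"{resource:22} {priority(limit):6} back at {back_at:5.1f} h "
              f"(limit {limit:3} h) {'ok' if ok else 'BREACH'}")
```

In the constructed run no single restore takes longer than 4 hours, yet the Database Server is back only after 10 hours, so the 8-hour allowable outage is breached by the sequencing and not by any one task.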
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
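An added worked example (not part of the original slides) of the parity and RAID-5 slides above: it stripes data with rotating XOR parity, rebuilds a failed disk from the survivors, and applies the slides' capacity formulas. The function names, the 16-byte stripe unit and the sample payload are constructed for illustration.

```python
from functools import reduce

# Constructed sample payload: 96 non-zero bytes, i.e. two full stripe rows
# on a 4-disk array with a 16-byte stripe unit.
SAMPLE = bytes(range(1, 97))


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block moves to a different disk each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Stripe data in blocks over n_disks, adding one parity block per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[offset + i * stripe: offset + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate one failed disk: each lost block is the XOR of the blocks
    that the surviving disks hold in the same row."""
    survivors = [blocks for d, blocks in enumerate(disks) if d != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping the parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas and minimum disk counts on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level}: unsupported number of disks ({n})")
    if level == 0:
        return smallest * n          # striping only, no redundancy
    if level == 1:
        return smallest              # mirror pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one disk's worth of parity


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, stripe=16)
    for failed in range(4):
        degraded = list(array)
        degraded[failed] = raid5_rebuild(array, failed)  # failed disk's data is not read
        assert raid5_read(degraded, len(SAMPLE)) == SAMPLE
    print("single-disk failure recovered for every disk")
    print("RAID-5, drives of 500/500/400 units:", usable_capacity(5, [500, 500, 400]))
```

With two disks lost, the XOR of the survivors yields only the XOR of the two missing blocks, which is why single parity gives no protection against a second failure during a rebuild.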
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 38
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D)
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have
to think about how your business has concentrated people or
operational centers in certain places. You've got to consider
if it's the wisest distribution. We feel we were lucky having
some folks in Connecticut and some in Maryland. Even if we had
lost some of our senior management at 1 Liberty Plaza, we would
have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is
20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three
drives, with the fourth containing parity information
(shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: Good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
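The parity-based levels listed above (RAID-3, RAID-4, RAID-5) survive one disk failure because each stripe row carries an XOR parity block. The following Python code is an added example, not part of the original slides: it stripes constructed sample data over four simulated disks with rotating parity, rebuilds a lost disk, and applies the slides' capacity formula. The function names, the 16-byte block (standing in for the 16 kiB stripe) and the parity rotation order are assumptions made for illustration.

```python
# Added example (not from the slides): RAID-5 style block striping with
# distributed parity. Names, block size and rotation order are assumptions.
from functools import reduce

BLOCK = 16  # bytes per block; stands in for the 16 kiB stripe size on the slide


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("need at least %d drives" % (parity_drives + 2))
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed layout: parity moves one disk to the left on every stripe row."""
    return (n_disks - 1 - row) % n_disks


def write_array(data, n_disks, block=BLOCK):
    """Stripe data over n_disks; each row holds n_disks-1 data blocks and 1 parity block."""
    if n_disks < 3:
        raise ValueError("minimum 3 hard disks")
    row_bytes = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[offset + i * block: offset + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_iter = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(row, n_disks)
            disks[disk].append(parity if is_parity else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk as the XOR of the surviving blocks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    if any(blocks is None for blocks in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot rebuild")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the data blocks in order, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample data standing in for accounting records.
    ledger = b"".join(b"INV-%04d;qty=%03d|" % (i, i * 3) for i in range(12))
    array = write_array(ledger, n_disks=4)
    lost = 2
    degraded = [blocks if i != lost else None for i, blocks in enumerate(array)]
    degraded[lost] = rebuild_disk(degraded, lost)
    print("data intact after rebuild:", read_array(degraded, len(ledger)) == ledger)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```
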
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: Very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: Very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: Very good for RAID-01, excellent for RAID-10
Random read performance: Very good
Random write performance: Good
Fault tolerance: Very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backups electronically at a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables the application to operate even if one of the servers is down
Server Load Balancing
Load balancing is done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Table columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset?
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control?
How long will the control take to implement?
Is the control readily available?
Control - Servicing
Are skills available to manage controls?
Are upgrades readily available?
Is equipment supported by local engineers or suppliers?
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele. nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
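The parity technique and the array-capacity figures from the RAID slides above, worked through as an added example that is not part of the original slides: data is striped in blocks with distributed parity (RAID-5 style), one disk is lost, and its contents are recomputed from the survivors. The function names, the 16-byte block size, the parity rotation order and the treatment of unequal drives in RAID-0 are assumptions of this example.

```python
"""RAID parity and capacity on constructed data (added example)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity moves one disk to the left on each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, block=16):
    """Stripe data across n_disks in blocks, one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * block:start + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        pending = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(pending))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the survivors."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    minimum = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}[level]
    n = len(drive_sizes)
    if n < minimum or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    smallest = min(drive_sizes)
    if level == "0":
        return smallest * n        # assumption: each stripe limited by smallest drive
    if level == "1":
        return smallest            # mirroring: 50% storage efficiency
    if level == "6":
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    data = b"constructed inventory ledger record; " * 7  # constructed sample
    disks = raid5_write(data, n_disks=4, block=16)
    lost = 2
    rebuilt = raid5_rebuild(disks, lost)
    print("disk", lost, "rebuilt correctly:", rebuilt == disks[lost])
    repaired = disks[:lost] + [rebuilt] + disks[lost + 1:]
    print("data intact after rebuild:", raid5_read(repaired, len(data)) == data)
    for level in ("0", "5", "6"):
        print(f"RAID-{level}, 4 x 500 GB:", usable_capacity(level, [500] * 4), "GB")
```

Single parity tolerates exactly one failed disk: with two disks missing, the XOR of the survivors no longer equals either lost disk, which is the gap RAID-6's second parity block closes.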
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 41
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational centers
in certain places. You've got to consider if it's
the wisest distribution. We feel we were lucky
having some folks in Connecticut and some in
Maryland. Even if we had lost some of our senior
management at 1 Liberty Plaza, we would have
still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization's business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
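The parity technique and the RAID-5 layout from the slides above, worked through as an added example that is not part of the original deck: data is striped in blocks with rotating XOR parity, one drive is lost, and its contents are rebuilt from the survivors. The function names, the parity rotation order and the sample data are assumptions of this example.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive(stripe, n_drives):
    # Rotation chosen for this example: parity starts on the last drive
    # and moves one drive to the left on every following stripe.
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block):
    """Stripe data across n_drives in `block`-byte units with distributed parity.

    Returns one list of blocks per drive.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    per_stripe = block * (n_drives - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-fill last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_drives - 1)]
        p = parity_drive(stripe, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(remaining))
    return drives


def raid5_rebuild(drives):
    """Rebuild the one drive marked None from the surviving drives.

    XOR of every surviving block in a stripe yields the missing block,
    whether that block held data or parity.
    """
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover %d failed drives"
                         % len(failed))
    if not failed:
        return drives
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID-3/4/5, parity_drives=2 covers RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


# Constructed sample data, not taken from any real system.
SAMPLE = bytes(range(256)) * 3 + b"ledger"


def demo():
    drives = raid5_write(SAMPLE, n_drives=4, block=16)
    damaged = list(drives)
    damaged[2] = None                      # simulate one failed disk
    restored = raid5_rebuild(damaged)
    return raid5_read(restored, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("data intact after rebuild:", demo())
    print("usable capacity:", array_capacity([500, 500, 400, 500]))
```

Marking a second drive as failed makes `raid5_rebuild` raise, which is the limit of "fault tolerance good" for single parity and the reason RAID-6 carries a second parity block.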
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 42
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource               Outage Impact                                  Allowable Outage Time
Authentication Server  User could not access Inventory System         8 hours
Database Server        User could not access Inventory System         8 hours
E-mail Server          User could not send e-mail                     2 days
5 Desktop Computers    User could not access Inventory System         8 hours
Hub                    User could not access Inventory System         8 hours
Network Cabling        User could not access Inventory System         8 hours
Electric Power         User could not access Inventory System         8 hours
Printer                User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
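Added example (not part of the original slides): a small Python script that combines the "Outage Impact & Allowable Outage Times" table with the "Alternate Site Selection Criteria" table to find the least costly recovery alternative that can be activated within the tightest allowable outage time. The activation hours per site type and the priority bands are assumptions chosen for illustration; the slides give only qualitative setup times (Long, Medium, Short, None).

```python
"""Added example: choose a recovery alternative from BIA allowable outage times."""

# BIA rows from the "Outage Impact & Allowable Outage Times" slide.
# Allowable outage is expressed in hours (2 days = 48, 4 days = 96).
BIA = [
    ("Authentication Server", "User could not access Inventory System", 8),
    ("Database Server", "User could not access Inventory System", 8),
    ("E-mail Server", "User could not send e-mail", 48),
    ("5 Desktop Computers", "User could not access Inventory System", 8),
    ("Hub", "User could not access Inventory System", 8),
    ("Network Cabling", "User could not access Inventory System", 8),
    ("Electric Power", "User could not access Inventory System", 8),
    ("Printer", "User could not produce Inventory Reports", 96),
]

# Site options from the "Alternate Site Selection Criteria" slide.
# cost_rank orders the slide's Cost column: Low < Medium < Medium/High < High.
# activation_hours are ASSUMED planning figures standing in for the slide's
# Setup Time column (Long / Medium / Short / None). "Dependent" is kept as
# None because the slide gives no basis for a number.
SITES = {
    "Cold Site": {"cost_rank": 1, "activation_hours": 21 * 24},  # "several weeks"
    "Warm Site": {"cost_rank": 2, "activation_hours": 48},
    "Hot Site": {"cost_rank": 3, "activation_hours": 4},
    "Mobile Site": {"cost_rank": 4, "activation_hours": None},
    "Mirrored Site": {"cost_rank": 4, "activation_hours": 0},
}


def priority(allowable_hours):
    """Map an allowable outage time to a recovery priority.

    The bands are ASSUMED; they reproduce the "Develop Recovery Priorities"
    slide (8 hours -> High, 2 to 4 days -> Medium).
    """
    if allowable_hours <= 24:
        return "High"
    if allowable_hours <= 7 * 24:
        return "Medium"
    return "Low"


def recovery_order(bia):
    """Resources sorted by allowable outage time, shortest first (stable sort)."""
    return [name for name, _, _ in sorted(bia, key=lambda row: row[2])]


def unmet_resources(bia, site, sites=SITES):
    """Resources whose allowable outage would be exceeded while the site activates."""
    hours = sites[site]["activation_hours"]
    if hours is None:
        raise ValueError(f"{site}: setup time is vendor dependent, estimate it first")
    return [name for name, _, allowed in bia if hours > allowed]


def cheapest_adequate_site(bia, sites=SITES):
    """Lowest-cost site type that activates within the tightest allowable outage.

    Sites without a setup-time estimate are skipped. Returns None when no
    site type qualifies.
    """
    if not bia:
        raise ValueError("BIA is empty")
    tightest = min(allowed for _, _, allowed in bia)
    candidates = [
        (spec["cost_rank"], spec["activation_hours"], name)
        for name, spec in sites.items()
        if spec["activation_hours"] is not None
        and spec["activation_hours"] <= tightest
    ]
    return min(candidates)[2] if candidates else None


if __name__ == "__main__":
    for name, impact, hours in sorted(BIA, key=lambda row: row[2]):
        print(f"{priority(hours):6} {hours:3}h  {name}: {impact}")
    print("Selected alternative:", cheapest_adequate_site(BIA))
    print("Warm site would miss:", unmet_resources(BIA, "Warm Site"))
```

With the 8-hour resources in scope, a warm or cold site cannot meet the objective under these assumed figures; if only the e-mail server and printer had to be recovered, the warm site would qualify.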
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
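The parity technique and the array-capacity formulas from the RAID slides above, worked through as an added example that is not part of the original slides. The function names, the 4-byte chunk size, the rotating parity placement and the sample record are assumptions made for illustration; taking the smallest drive as the unit for RAID-0 and RAID-1 with unequal drives is also an assumption.

```python
from functools import reduce

STRIPE = 4  # bytes per chunk; constructed small value so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte strings together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data: bytes, n_disks: int):
    """Stripe data over n_disks with one rotating parity chunk per stripe row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = STRIPE * (n_disks - 1)
    data += b"\x00" * (-len(data) % per_row)  # pad the last row with zeros
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), per_row)):
        chunks = [data[off + i * STRIPE: off + (i + 1) * STRIPE]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        parity_disk = (n_disks - 1 - row) % n_disks  # assumed rotation scheme
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(remaining))
    return disks


def raid5_read(disks, length: int) -> bytes:
    """Reassemble the data chunks, skipping the parity chunk in each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n - 1 - row) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][row]
    return bytes(out[:length])


def rebuild(disks, failed: int):
    """Recompute every chunk of one failed disk from the surviving disks.

    A lost disk is represented by None. Because parity is the XOR of the data
    chunks, XOR-ing all surviving chunks in a row yields the missing chunk,
    whether that chunk held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("single parity cannot recover more than one lost disk")
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level: int, sizes):
    """Array capacity per the slide formulas, in the same unit as sizes."""
    n, smallest = len(sizes), min(sizes)
    if level == 0 and n >= 2:
        return smallest * n            # striping only, no redundancy
    if level == 1 and n == 2:
        return smallest                # mirroring: 50% storage efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual distributed parity
    raise ValueError(f"RAID-{level} is not defined here for {n} drive(s)")


if __name__ == "__main__":
    record = b"constructed ledger record #0001 for demo"  # constructed sample data
    array = raid5_write(record, 4)
    array[2] = None                                       # simulate one disk failure
    array[2] = rebuild(array, 2)
    print(raid5_read(array, len(record)))
    print(usable_capacity(5, [500, 500, 400, 500]), "GB usable")
```

Losing a second disk before the rebuild finishes makes `rebuild` raise, which is the case the dual parity of RAID-6 is meant to cover.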
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
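The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): block-level striping with distributed XOR parity, rebuild of one failed disk from the survivors, and the slide's capacity formula. The function names, the parity rotation order, the zero padding and the sample record are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def array_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe (assumed rotation: last disk first)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n-1 data blocks + 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    # Zero-pad the tail so the last stripe is complete (illustration only).
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)  # redundancy calculated from the data values
        p = parity_disk(stripe, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute a lost disk: each block is the XOR of the same stripe on the survivors.

    A lost disk is represented by None. Single parity tolerates one failure only.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("more than one disk lost: single parity cannot rebuild")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


if __name__ == "__main__":
    # Constructed sample record, not data from the slides.
    record = b"LEDGER|2024-01-31|ACC-0042|DEBIT|1500.00|posted"
    disks = write_raid5(record, n_disks=4, block_size=4)

    damaged = list(disks)
    damaged[2] = None                      # simulate loss of one drive
    damaged[2] = rebuild_disk(damaged, 2)  # rebuild from the three survivors
    print("recovered intact:", read_raid5(damaged, len(record)) == record)
    print("usable capacity (GB):", array_capacity([500, 500, 400, 500]))
```

Losing a second disk before the rebuild finishes makes `rebuild_disk` raise, which is the gap the dual distributed parity of RAID-6 is meant to close.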
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource               Outage Impact                               Allowable Outage Time
Authentication Server  User could not access Inventory System      8 hours
Database Server        User could not access Inventory System      8 hours
E-mail Server          User could not send e-mail                  2 days
5 Desktop Computers    User could not access Inventory System      8 hours
Hub                    User could not access Inventory System      8 hours
Network Cabling        User could not access Inventory System      8 hours
Electric Power         User could not access Inventory System      8 hours
Printer                User could not produce Inventory Reports    4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
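An added worked example (not part of the original slides): the parity technique and the array-capacity rules from the RAID level slides above, in Python. The function names, the rotating parity placement and the sample record are assumptions made for illustration; for non-identical drives the capacity is taken from the smallest drive, as the slides' formula does.

```python
from functools import reduce

# Constructed sample record; not data from the slides.
SAMPLE = b"2001-09-11|ledger|debit|1024.50|acct-0042|posted"

# Minimum number of hard disks per level, as stated on the slides.
MIN_DISKS = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, disks, block_size):
    """Stripe data over the drives with one rotating parity block per stripe.

    Returns one list of blocks per drive (block-level striping with
    distributed parity). The rotation order is an assumption of this example.
    """
    if disks < MIN_DISKS["5"]:
        raise ValueError("RAID-5 needs at least 3 hard disks")
    per_stripe = (disks - 1) * block_size
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity_disk = (disks - 1 - stripe) % disks
        blocks.insert(parity_disk, xor_blocks(blocks))  # parity of the data blocks
        for drive, block in zip(drives, blocks):
            drive.append(block)
    return drives


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    disks = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        parity_disk = (disks - 1 - stripe) % disks
        for i in range(disks):
            if i != parity_disk:
                out += drives[i][stripe]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe is zero. A second failed drive cannot be recovered this way.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    if level not in MIN_DISKS:
        raise ValueError("level not covered by this example: " + level)
    n = len(drive_sizes)
    if n < MIN_DISKS[level] or (level == "1" and n != 2):
        raise ValueError("wrong number of hard disks for RAID-" + level)
    smallest = min(drive_sizes)
    if level == "0":
        return smallest * n          # striping only, no redundancy
    if level == "1":
        return smallest              # mirroring: 50% if drives identical
    parity_drives = 2 if level == "6" else 1
    return smallest * (n - parity_drives)


if __name__ == "__main__":
    array = write_raid5(SAMPLE, disks=4, block_size=8)
    lost = 2                                   # simulate losing one drive
    array[lost] = rebuild_drive(array, lost)   # rebuild it from the other three
    print(read_raid5(array, len(SAMPLE)) == SAMPLE)
    for lvl in ("0", "5", "6"):
        print("RAID-" + lvl, usable_capacity(lvl, [500, 500, 500, 500]), "GB usable")
```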
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load balancing is done by load balancers
Routers & switches with application-specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interviewing personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
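The parity technique and the RAID-5 layout from the slides above, worked through as an added example (not part of the original slides): a 100 KiB file is striped over four disks in 16 KiB units with one parity block per stripe row, one disk is lost, and its contents are rebuilt by XOR of the survivors. The function names, the left-rotating parity placement and the random sample data are assumptions made for illustration.

```python
import os
from functools import reduce

STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size, as in the slide's illustration
N_DISKS = 4               # four-disk array, as in the slide's illustration


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID 3/4/5, parity_drives=2 covers RAID 6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Stripe data over n_disks with one rotating parity block per stripe row.

    Returns a list of disks; each disk is a list of blocks, one per row.
    """
    per_row = n_disks - 1
    row_bytes = per_row * unit
    # Pad with zeros so the data fills whole stripe rows.
    padded = data + b"\x00" * (-len(data) % row_bytes)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(per_row)]
        parity = xor_blocks(chunks)
        p = parity_disk_for(row, n_disks)
        data_iter = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        # Single parity cannot solve for two unknown blocks in the same row.
        raise ValueError("RAID 5 tolerates only one failed disk")
    return [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]


def read_raid5(disks, length, n_disks=N_DISKS):
    """Reassemble the original data, skipping the parity block in each row."""
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    data = os.urandom(100 * 1024)      # constructed sample: a 100 KiB file
    disks = write_raid5(data)
    original = disks[2]
    disks[2] = None                    # simulate one drive failing
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("usable blocks on 4 x 500:", usable_capacity([500, 500, 500, 500]))
```

Parity protects against a drive failure only; it does not replace the backup techniques covered earlier, because a deleted or corrupted file is faithfully striped and parity-protected like any other data.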
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 46
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to
the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.  Change Comment  Date of Change  Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Table columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability (C), Measure of Risk (D = A+B+C), Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
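The parity technique and the array-capacity formulas from the RAID slides above, as an added example that is not part of the original deck: a toy RAID-5 model in Python that stripes data with distributed parity, reads through a single drive failure and rebuilds the lost drive. It assumes XOR as the parity calculation (the slides say only that parity is calculated from the actual data values), a 4-byte block size and a simple parity rotation; the names Raid5, xor_blocks and usable_capacity are illustrative.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' formulas (same unit as drive_sizes)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n            # striping only, no redundancy
    if level == 1:
        return smallest                # mirror pair: 50% efficiency
    return smallest * (n - (2 if level == 6 else 1))


class Raid5:
    def __init__(self, n_drives, block_size=4):   # block size is an assumption
        if n_drives < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.bs, self.stripes = n_drives, block_size, 0
        self.drives = [[] for _ in range(n_drives)]   # per drive: one block per stripe

    def _parity_drive(self, stripe):
        # Assumed rotation: parity moves one drive to the left on each stripe.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        if self.failed():
            raise RuntimeError("rebuild the failed drive before writing")
        per_stripe = (self.n - 1) * self.bs
        data += b"\0" * (-len(data) % per_stripe)      # pad the last stripe
        for off in range(0, len(data), per_stripe):
            blocks = [data[i:i + self.bs] for i in range(off, off + per_stripe, self.bs)]
            parity, data_blocks = xor_blocks(blocks), iter(blocks)
            p = self._parity_drive(self.stripes)
            for d in range(self.n):
                self.drives[d].append(parity if d == p else next(data_blocks))
            self.stripes += 1

    def fail(self, drive):
        self.drives[drive] = None                      # simulate a dead disk

    def failed(self):
        return [i for i, d in enumerate(self.drives) if d is None]

    def _block(self, drive, stripe):
        if self.drives[drive] is not None:
            return self.drives[drive][stripe]
        if len(self.failed()) > 1:
            raise RuntimeError("two drives lost: single parity cannot recover")
        # Missing block = XOR of the surviving data and parity blocks.
        return xor_blocks([d[stripe] for d in self.drives if d is not None])

    def read(self, length):
        out = bytearray()
        for s in range(self.stripes):
            p = self._parity_drive(s)
            for d in range(self.n):
                if d != p:
                    out += self._block(d, s)
        return bytes(out[:length])

    def rebuild(self, drive):
        self.drives[drive] = [self._block(drive, s) for s in range(self.stripes)]


if __name__ == "__main__":
    payload = b"ledger: 2024-Q4 closing balances"      # constructed sample data
    array = Raid5(4)
    array.write(payload)
    array.fail(2)
    print(array.read(len(payload)))                    # degraded read still works
    array.rebuild(2)
    print(array.failed(), usable_capacity(5, [500] * 4))
```

A second drive failure before the rebuild completes raises an error in this model, which is the gap the dual parity of RAID-6 is meant to close.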
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of its high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to
multiple servers / sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
A: Asset Cost
B: Likelihood of Threat Occurrence
C: Vulnerability
D: Measure of Risk = A+B+C
E: Risk Ranking
A B C
3 4 5
3 4 3
3 3 3
5 5 5
5 4 1
1 2 1
1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
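Added example (not part of the original slides): a small Python model of RAID-5 as described above, striping a constructed 100 kiB file over four disks with a 16 kiB stripe size, then rebuilding a lost disk from parity. Parity is computed as byte-wise XOR, the usual choice for single-parity RAID; the parity rotation order, the function names and the sample file are assumptions made for illustration.

```python
"""RAID 5 sketch: block-level striping with distributed parity (illustrative only)."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide's illustration

# Constructed sample input: a 100 KiB "file" with a non-repeating byte pattern.
SAMPLE_FILE = bytes((i * 7 + i // 251) % 256 for i in range(100 * 1024))


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe_no, n_disks):
    """Rotate the parity unit across disks; this rotation order is an assumption."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of stripe units per disk."""
    per_stripe = (n_disks - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        units = [chunk[i * unit:(i + 1) * unit] for i in range(n_disks - 1)]
        parity_disk = parity_disk_for(stripe_no, n_disks)
        data_units = iter(units)
        for disk_no in range(n_disks):
            if disk_no == parity_disk:
                disks[disk_no].append(xor_blocks(units))
            else:
                disks[disk_no].append(next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk by XOR-ing the surviving disks."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks([disk[s] for disk in survivors])
            for s in range(len(survivors[0]))]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity unit in each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe_no, n_disks)
        for disk_no in range(n_disks):
            if disk_no != parity_disk:
                out += disks[disk_no][stripe_no]
    return bytes(out[:length])


def survives_single_failure(data, failed, n_disks=4):
    """Write data, lose one disk, rebuild it, and check the data reads back intact."""
    disks = write_raid5(data, n_disks)
    disks[failed] = None  # the lost disk's contents are never read again
    disks[failed] = rebuild_disk(disks, failed)
    return read_raid5(disks, len(data)) == data


def double_failure_recoverable(data, first, second, n_disks=4):
    """With two disks lost, XOR of the rest no longer yields either lost disk."""
    disks = write_raid5(data, n_disks)
    remaining = [d for i, d in enumerate(disks) if i not in (first, second)]
    attempt = [xor_blocks([d[s] for d in remaining])
               for s in range(len(remaining[0]))]
    return attempt == disks[first]


if __name__ == "__main__":
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
    for failed in range(4):
        print("disk", failed, "lost, data intact after rebuild:",
              survives_single_failure(SAMPLE_FILE, failed))
    print("two disks lost, recoverable:",
          double_failure_recoverable(SAMPLE_FILE, 0, 1))
```

Calling array_capacity with parity_drives=2 gives the RAID-6 figure from the later slide, size of smallest drive*(no. of drives-2).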
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats, which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization's business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
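The parity slide and the RAID-5 slide above, worked through as an added Python example (not part of the original slides): data is striped across the disks with rotating XOR parity, one disk is lost, and the contents are rebuilt from the survivors. The function names, the 4-byte stripe size and the parity rotation order are assumptions made for illustration; the capacity formulas and minimum disk counts are the ones stated on the RAID level slides.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE = 4  # bytes per block; constructed tiny value (the slides use 16 kiB)

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity from the slides' formulas (one unit throughout)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS:
        raise ValueError("level not covered by a formula on the slides")
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 0:
        return smallest * n        # striping only, no redundancy
    if level == 1:
        return smallest            # mirrored pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID 3/4/5: one disk's worth of parity


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding parity for a stripe row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; each disk is returned as a list of blocks."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_row = STRIPE * (n_disks - 1)
    padded = data + bytes(-len(data) % per_row)  # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        chunk = padded[off:off + per_row]
        blocks = [chunk[i:i + STRIPE] for i in range(0, per_row, STRIPE)]
        blocks.insert(parity_disk(row, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def read_raid5(disks, length):
    """Read the data back; a failed disk is passed as None and is rebuilt."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("RAID 5 survives only one failed disk")
    rows = len(next(d for d in disks if d is not None))
    out = bytearray()
    for row in range(rows):
        blocks = [d[row] if d is not None else None for d in disks]
        if missing:
            # XOR of all surviving blocks yields the lost block, data or parity.
            survivors = [b for b in blocks if b is not None]
            blocks[missing[0]] = xor_blocks(survivors)
        skip = parity_disk(row, len(disks))
        for i, block in enumerate(blocks):
            if i != skip:
                out += block
    return bytes(out[:length])


def scrub(disks):
    """Return the stripe rows whose blocks no longer XOR to zero."""
    return [row for row, blocks in enumerate(zip(*disks))
            if any(xor_blocks(blocks))]


if __name__ == "__main__":
    record = b"ledger: constructed sample record for a DRP test"
    array = write_raid5(record, 4)
    array[1] = None  # simulate a single drive failure
    print(read_raid5(array, len(record)))
    print(usable_capacity(5, [500, 500, 500, 500]))
```

Running `scrub` on a healthy array before a drive fails matters for recovery planning: a block that is already corrupt on a surviving disk would be folded into the rebuilt data without any error.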
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 50
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values in page order: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E) values: High, Moderate, Very High, Low, Very Low
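The D = A+B+C scoring on this slide, worked through as an added example that is not part of the original deck: each threat and vulnerability pairing on an asset is scored, ranked, then re-scored after controls to give the residual risk. The 1-5 scales, the band boundaries, the acceptable residual level, the control reductions and every register entry are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

# Assumption: A, B and C are each scored on a 1-5 scale (the slide gives no scale).
SCALE = range(1, 6)
# Assumption: bands mapping D = A + B + C (3..15) onto the slide's five rankings.
BANDS = ((5, "Very Low"), (7, "Low"), (10, "Moderate"), (12, "High"), (15, "Very High"))
# Assumption: the organization accepts residual risk up to D = 10.
ACCEPTABLE_RESIDUAL = 10


@dataclass(frozen=True)
class Risk:
    asset: str
    threat: str
    vulnerability: str
    asset_value: int  # A: asset cost / value
    likelihood: int   # B: likelihood of threat occurrence
    vuln_score: int   # C: how easily the vulnerability is exploited

    def __post_init__(self):
        for name in ("asset_value", "likelihood", "vuln_score"):
            if getattr(self, name) not in SCALE:
                raise ValueError(f"{name} must be 1..5 for {self.asset} / {self.threat}")

    @property
    def measure(self):
        """D = A + B + C."""
        return self.asset_value + self.likelihood + self.vuln_score

    @property
    def ranking(self):
        """E: the first band whose upper bound covers D."""
        return next(label for upper, label in BANDS if self.measure <= upper)


def apply_controls(risk, controls):
    """Return the risk with C lowered by the control covering its vulnerability.

    A control never drives C below 1, so some residual risk always remains.
    """
    control = controls.get(risk.vulnerability)
    if control is None:
        return risk
    _name, reduction = control
    return replace(risk, vuln_score=max(1, risk.vuln_score - reduction))


def residual_report(register, controls, acceptable=ACCEPTABLE_RESIDUAL):
    """Score every entry before and after controls, highest residual first."""
    rows = []
    for risk in register:
        residual = apply_controls(risk, controls)
        rows.append({
            "asset": risk.asset,
            "threat": risk.threat,
            "inherent": risk.measure,
            "inherent_rank": risk.ranking,
            "control": controls.get(risk.vulnerability, (None, 0))[0],
            "residual": residual.measure,
            "residual_rank": residual.ranking,
            "exceeds": residual.measure > acceptable,
        })
    rows.sort(key=lambda r: (-r["residual"], -r["inherent"], r["asset"], r["threat"]))
    return rows


# Constructed register: asset, threat and vulnerability names are taken from the
# slides, the scores are invented for the example.
REGISTER = [
    Risk("Database Server", "Power outage", "Unstable power grid", 5, 4, 4),
    Risk("Database Server", "Hackers", "No firewall installed", 5, 3, 5),
    Risk("E-mail Server", "Hackers", "Password same as userid", 3, 3, 4),
    Risk("Authentication Server", "Disgruntled employees",
         "Wrong allocation of password rights", 5, 2, 4),
    Risk("Printer", "Fire", "Unprotected cabling lines", 1, 2, 2),
]

# Constructed controls: vulnerability -> (control, reduction applied to C).
CONTROLS = {
    "Unstable power grid": ("UPS and DG set", 3),
    "No firewall installed": ("Firewall", 3),
}

if __name__ == "__main__":
    for row in residual_report(REGISTER, CONTROLS):
        flag = "EXCEEDS" if row["exceeds"] else "ok"
        print(f"{row['asset']:<22}{row['threat']:<22}"
              f"{row['inherent']:>2} {row['inherent_rank']:<10}"
              f"-> {row['residual']:>2} {row['residual_rank']:<10}{flag}")
```

The entry left above the acceptable level is the one with no control mapped to its vulnerability, which is where an additional control, transfer or explicit acceptance has to be decided.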
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Information Technology Infrastructure Library
A collection of best practices in IT service management
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
SAS 70
Internationally recognized auditing standard for service organization
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
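An added worked example (not from the original slides) of the parity technique and the Array Capacity formulas on the RAID level slides: it stripes constructed sample data RAID-5 style, rebuilds any one failed disk by XOR, and refuses to rebuild after a second failure. The parity rotation order, the function names and the sample records are assumptions of this example.

```python
"""Added example: block-level striping with distributed XOR parity (RAID-5 style)."""
from functools import reduce

# Constructed sample input (not from the slides): ten short ledger-like records.
SAMPLE = b"".join(b"txn-%03d;amt=%05d\n" % (i, i * 37) for i in range(10))

# level -> (minimum disks, drives' worth of space given up to redundancy),
# following the "Minimum ... hard disks" and "Array Capacity" lines on the slides.
RAID_RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def usable_capacity(level, drive_sizes):
    """Usable array capacity: size of smallest drive * (no. of drives - lost)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:  # mirroring: exactly 2 disks, 50% storage efficiency
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 disks")
        return smallest
    minimum, lost = RAID_RULES[level]
    if n < minimum:
        raise ValueError("RAID-%d needs at least %d disks" % (level, minimum))
    return smallest * (n - lost)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda x, y: x ^ y, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk that holds parity for a stripe. Rotating it per stripe is what
    'distributed parity' means; this particular order is an assumption."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Split data into stripes of n_disks-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\0" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe]
    return bytes(out[:length])


def rebuild(disks):
    """Return the array with its single failed disk (marked None) reconstructed.

    Every stripe XORs to zero across all disks, so the missing block, data or
    parity, is the XOR of the surviving blocks of that stripe.
    """
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    if not failed:
        return [list(disk) for disk in disks]
    survivors = [disk for disk in disks if disk is not None]
    rebuilt = [xor_blocks([disk[s] for disk in survivors])
               for s in range(len(survivors[0]))]
    return [rebuilt if disk is None else list(disk) for disk in disks]


if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, block_size=16)
    for lost in range(4):
        damaged = [None if i == lost else disk for i, disk in enumerate(array)]
        ok = read_raid5(rebuild(damaged), len(SAMPLE)) == SAMPLE
        print("disk %d lost -> data recovered: %s" % (lost, ok))
    print("usable capacity of 4 x 500 GB at RAID-5:", usable_capacity(5, [500] * 4))
```

Parity protects availability against one drive failure only; it does not replace the off-site backups discussed earlier in the deck.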
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource                Outage Impact                               Allowable Outage Time
Authentication Server   User could not access Inventory System      8 hours
Database Server         User could not access Inventory System      8 hours
E-mail Server           User could not send e-mail                  2 days
5 Desktop Computers     User could not access Inventory System      8 hours
Hub                     User could not access Inventory System      8 hours
Network Cabling         User could not access Inventory System      8 hours
Electric Power          User could not access Inventory System      8 hours
Printer                 User could not produce Inventory Reports    4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
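Added example (not part of the original slides): a small in-memory model of the parity technique and the RAID-5 level described above, showing block-level striping with distributed XOR parity, reads from a degraded array, rebuild of a failed disk, and the "size of smallest drive*(no. of drives-n)" capacity formula. The class and function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    """Illustrative model only; the parity rotation order is an assumption."""

    def __init__(self, n_disks, block_size):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 disks")
        self.n, self.bs = n_disks, block_size
        self.disks = [[] for _ in range(n_disks)]  # disks[d][stripe] -> block
        self.length = 0

    def parity_disk(self, stripe):
        # Distributed parity: the parity block moves to a new disk each stripe.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_stripe = (self.n - 1) * self.bs
        padded = data + b"\0" * (-len(data) % per_stripe)
        for s in range(len(padded) // per_stripe):
            chunk = padded[s * per_stripe:(s + 1) * per_stripe]
            blocks = [chunk[i * self.bs:(i + 1) * self.bs] for i in range(self.n - 1)]
            data_iter = iter(blocks)
            for d in range(self.n):
                is_parity = d == self.parity_disk(s)
                self.disks[d].append(xor_blocks(blocks) if is_parity else next(data_iter))

    def fail(self, d):
        """Simulate total loss of one disk."""
        self.disks[d] = [None] * len(self.disks[d])

    def _block(self, d, s):
        block = self.disks[d][s]
        if block is not None:
            return block
        # Missing block = XOR of every surviving block in the same stripe.
        survivors = [self.disks[o][s] for o in range(self.n) if o != d]
        if any(b is None for b in survivors):
            raise RuntimeError("second disk lost: RAID-5 cannot reconstruct")
        return xor_blocks(survivors)

    def read(self):
        out = bytearray()
        for s in range(len(self.disks[0])):
            for d in range(self.n):
                if d != self.parity_disk(s):
                    out += self._block(d, s)
        return bytes(out[:self.length])

    def rebuild(self, d):
        """Recompute every block of a replaced disk from the survivors."""
        self.disks[d] = [self._block(d, s) for s in range(len(self.disks[d]))]


def demo():
    data = b"".join(b"ledger-row-%03d;" % i for i in range(40))  # constructed sample
    array = Raid5(n_disks=4, block_size=16)
    array.write(data)
    original_disk = list(array.disks[2])
    array.fail(2)
    degraded_ok = array.read() == data      # still readable with one disk gone
    array.rebuild(2)
    return degraded_ok, array.disks[2] == original_disk


if __name__ == "__main__":
    print(demo())
    print(usable_capacity([500, 500, 400, 500]))                    # RAID-5
    print(usable_capacity([500, 500, 400, 500], parity_drives=2))  # RAID-6
```

Failing a second disk before the rebuild finishes makes `read()` raise, which is the single-failure limit behind the "Fault tolerance good" rating for RAID-5 versus "very good" for RAID-6.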
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 52
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
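The PARITY and RAID-5 slides above, as an added Python example that is not part of the original deck: data is striped in blocks across the disks, parity is the XOR of each stripe's data blocks and moves to a different disk every stripe, and a single lost disk is rebuilt from the survivors. The 4-byte stripe unit, the parity rotation order, the sample record and all function names are assumptions made for illustration; the capacity helper uses the formulas stated on the slides.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed and tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Distributed parity: the parity block rotates one disk per stripe (assumed order)."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data across n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe_no, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe_no, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID-5 tolerates the loss of one disk only")
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length, failed=None):
    """Read the original bytes back, rebuilding a failed disk on the fly."""
    disks = list(disks)
    if failed is not None:
        disks[failed] = rebuild_disk(disks, failed)
    n = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk(stripe_no, n)
        for d in range(n):
            if d != p:  # skip the parity block, keep data blocks in disk order
                out += disks[d][stripe_no]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides, in the same unit as drive_sizes."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:
        return smallest * n          # 100% efficiency if drives identical
    if level == 1:
        return smallest              # 50% efficiency with two identical drives
    if level in (3, 4, 5):
        return smallest * (n - 1)    # one drive's worth of parity
    if level == 6:
        return smallest * (n - 2)    # dual parity
    raise ValueError("level not covered by this example")


if __name__ == "__main__":
    record = b"ACCOUNTING LEDGER 2001: constructed sample record"
    array = raid5_write(record, n_disks=4)
    for failed in range(4):
        damaged = list(array)
        damaged[failed] = None       # simulate the loss of one disk
        assert raid5_read(damaged, len(record), failed=failed) == record
    print("recovered after any single-disk failure")
    print("RAID-5 capacity, four 500 GB drives:", usable_capacity(5, [500] * 4), "GB")
```

Losing a second disk before the rebuild finishes leaves nothing to XOR against, which is why the slides rate RAID-5 fault tolerance as good and RAID-6 as very good.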
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                         Recovery Priority
Authentication Server            High
Database Server                  High
5 Desktop Computers              High
1 Hub                            High
E-mail Server                    Medium
Printer                          Medium
Remaining Desktop Computers (45) Low
Remaining Hub (5)                Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
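The parity and RAID-5 slides above, worked through as an added example (not part of the original slides): block-level striping with distributed parity, the "size of smallest drive * (no. of drives - 1)" capacity rule, a degraded read, and the rebuild of one failed drive. XOR as the parity calculation, the rotation order and all names are assumptions of this sketch; real controllers differ in layout.

```python
"""Toy RAID-5 array: block-level striping with distributed XOR parity.

Added illustration. XOR parity is the usual single-parity calculation; the
rotation order and zero padding below are assumptions of this sketch.
"""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("too few drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    def __init__(self, n_drives, block_size=4):
        if n_drives < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.block_size = n_drives, block_size
        self.drives = [[] for _ in range(n_drives)]  # drives[d][s] = block
        self.stripes = self.length = 0

    def parity_drive(self, stripe):
        """Parity moves to a different drive on every stripe (distributed)."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Cut data into stripes of n-1 data blocks plus one parity block."""
        bs, per_stripe = self.block_size, self.block_size * (self.n - 1)
        self.drives = [[] for _ in range(self.n)]
        self.length = len(data)
        for stripe, off in enumerate(range(0, len(data), per_stripe)):
            chunk = data[off:off + per_stripe].ljust(per_stripe, b"\0")
            blocks = [chunk[i:i + bs] for i in range(0, per_stripe, bs)]
            blocks.insert(self.parity_drive(stripe), xor_blocks(blocks))
            for d in range(self.n):
                self.drives[d].append(blocks[d])
        self.stripes = len(self.drives[0])

    def fail(self, drive):
        """Simulate the loss of one physical drive."""
        self.drives[drive] = None

    def _stripe(self, s):
        """All n blocks of stripe s; one missing block is recomputed by XOR."""
        blocks = [d[s] if d is not None else None for d in self.drives]
        missing = [i for i, b in enumerate(blocks) if b is None]
        if len(missing) > 1:
            raise RuntimeError("two drives lost: single parity cannot recover")
        if missing:
            blocks[missing[0]] = xor_blocks([b for b in blocks if b is not None])
        return blocks

    def read(self):
        """Read the data back; works in degraded mode with one drive failed."""
        out = bytearray()
        for s in range(self.stripes):
            blocks = self._stripe(s)
            del blocks[self.parity_drive(s)]  # drop parity, keep data order
            out += b"".join(blocks)
        return bytes(out[:self.length])

    def rebuild(self, drive):
        """Recreate a replaced drive from the surviving drives."""
        self.drives[drive] = [self._stripe(s)[drive] for s in range(self.stripes)]

    def scrub(self):
        """Stripes whose blocks no longer XOR to zero (silent corruption)."""
        zero = bytes(self.block_size)
        return [s for s in range(self.stripes)
                if xor_blocks(self._stripe(s)) != zero]


def demo():
    array = Raid5(n_drives=4, block_size=4)
    payload = b"ledger: 2024-Q4 closing balances"  # constructed sample data
    array.write(payload)
    array.fail(2)                      # one disk dies
    degraded_ok = array.read() == payload
    array.rebuild(2)                   # replacement disk is resynchronised
    return degraded_ok, array.read() == payload, array.scrub()


if __name__ == "__main__":
    print(demo())
    print(array_capacity([500, 500, 500, 500]))  # four 500 GB drives
```

Parity protects against a lost drive, not against deleted or overwritten data, so the backup slides still apply to a RAID-protected server.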
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 54
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                Allowable Outage Time
Authentication Server  User could not access Inventory System       8 hours
Database Server        User could not access Inventory System       8 hours
E-mail Server          User could not send e-mail                   2 days
5 Desktop Computers    User could not access Inventory System       8 hours
Hub                    User could not access Inventory System       8 hours
Network Cabling        User could not access Inventory System       8 hours
Electric Power         User could not access Inventory System       8 hours
Printer                User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
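Added example, not part of the original slides: the XOR parity idea behind the single-parity levels (RAID-3, 4, 5) and the array-capacity formulas from the RAID LEVELS slides, written in Python. The rotating parity placement, the function names and the sample data are assumptions made for this illustration, not any vendor's on-disk layout.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column."""
    length = len(blocks[0])
    if any(len(b) != length for b in blocks):
        raise ValueError("all blocks in a stripe must have the same length")
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive_for(stripe_index, n_drives):
    """Assumed rotation: parity moves one drive to the left per stripe."""
    return (n_drives - 1 - stripe_index) % n_drives


def write_array(data, n_drives=4, block_size=4):
    """Block-level striping with distributed parity (RAID-5 style).

    Returns one list of blocks per drive. Each stripe holds
    n_drives - 1 data blocks plus one parity block.
    """
    if n_drives < 3:
        raise ValueError("single-parity striping needs at least 3 drives")
    per_stripe = block_size * (n_drives - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        p = parity_drive_for(s, n_drives)
        remaining = iter(data_blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the survivors.

    A missing block, data or parity, is the XOR of all other blocks
    in its stripe. A second failed drive (marked None) is fatal.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot survive two failed drives")
    return [xor_blocks(list(stripe)) for stripe in zip(*survivors)]


def read_array(drives, length):
    """Reassemble the original bytes, skipping the parity blocks."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        p = parity_drive_for(s, n)
        for d in range(n):
            if d != p:
                out += drives[d][s]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas (sizes in any one unit)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    redundant = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}
    if level not in minimum:
        raise ValueError("level not covered by this example")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < minimum[level]:
        raise ValueError("RAID-%d needs at least %d drives" % (level, minimum[level]))
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slide uses exactly 2 drives")
        return smallest  # 50% efficiency with identical drives
    return smallest * (n - redundant[level])


if __name__ == "__main__":
    sample = b"ledger entries for Q3: constructed sample"  # constructed data
    array = write_array(sample)
    array[2] = None                        # simulate losing drive 2
    array[2] = rebuild_drive(array, 2)     # rebuild from the other three
    print(read_array(array, len(sample)))
    print(usable_capacity(5, [500, 500, 500, 400]))  # smallest * (n - 1)
```

Because drive sizes are taken from the smallest member, a mismatched replacement disk lowers usable capacity for the whole array.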
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 55
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
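Added example (not part of the original slides): a small Python model of the striping and parity techniques described above, showing RAID-5 style block striping with rotating XOR parity, the rebuild of one failed disk, and the "smallest drive * (no. of drives - parity drives)" capacity rule. The 4-byte block size, the parity rotation order and the sample payload are constructed assumptions chosen for readability.

```python
from functools import reduce

BLOCK = 4  # bytes per block; constructed, tiny so the layout is easy to print


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Disk holding parity for a stripe row (assumed rotation, last disk first)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, block=BLOCK):
    """Stripe data over n_disks, writing one parity block per stripe row."""
    if n_disks < 3:
        raise ValueError("striping with parity needs at least 3 disks")
    per_row = (n_disks - 1) * block
    rows = -(-len(data) // per_row)            # ceiling division
    data = data.ljust(rows * per_row, b"\0")   # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for row in range(rows):
        base = row * per_row
        chunks = [data[base + i * block: base + (i + 1) * block]
                  for i in range(n_disks - 1)]
        pending = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk(row, n_disks):
                disks[d].append(xor_blocks(chunks))
            else:
                disks[d].append(next(pending))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe row (data plus parity) is zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length, failed=None):
    """Reassemble the data, rebuilding a single failed disk on the fly."""
    disks = list(disks)
    if failed is not None:
        disks[failed] = raid5_rebuild(disks, failed)
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_disks=1):
    """Capacity rule from the slides: smallest drive * (drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_disks)


if __name__ == "__main__":
    payload = b"ledger-2024: constructed sample payload"   # constructed input
    array = raid5_write(payload, 4)
    for i, disk in enumerate(array):
        print(f"disk {i}:", [blk.hex() for blk in disk])

    # One disk lost: the array still serves reads and can be rebuilt.
    degraded = list(array)
    degraded[2] = None
    print("read with disk 2 failed:", raid5_read(degraded, len(payload), failed=2))

    # Two disks lost: single parity cannot recover, the rebuild is wrong.
    double = list(array)
    double[0] = [bytes(BLOCK)] * len(array[0])
    print("rebuild after 2 failures correct?", raid5_rebuild(double, 1) == array[1])

    print("RAID-5 usable GB:", usable_capacity([500, 500, 400, 500]))
    print("RAID-6 usable GB:", usable_capacity([500] * 4, parity_disks=2))
```

The double-failure case is the one to keep in mind when setting backup priorities: single parity tolerates exactly one lost disk, so the array is not a substitute for the off-site backup media discussed earlier in the deck.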
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 56
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
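An added example, not part of the original slides, of the parity technique and the RAID-5 layout described above: data is striped in blocks over four disks, one parity block per stripe rotates across the disks, and any single failed disk is rebuilt from the survivors. XOR is assumed as the parity function (the slides do not name one); the function names, the 16-byte block size and the sample data are constructed for illustration, and `usable_capacity` applies the array capacity formulas quoted on the RAID level slides.

```python
from functools import reduce

BLOCK = 16                  # bytes per block (assumption; the figures use 16 kiB)
SAMPLE = bytes(range(100))  # constructed sample data, not from the slides


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks=4, block=BLOCK):
    """Stripe data over n_disks; each stripe has n_disks-1 data blocks + 1 parity."""
    per_stripe = (n_disks - 1) * block
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * block:start + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk(stripe, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def read_array(disks, n_bytes):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:n_bytes])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all blocks in a stripe (data + parity) is zero, so the missing
    block equals the XOR of the blocks that survive.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    minimum = {"RAID-3": 3, "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}
    if level not in minimum:
        raise ValueError("level must be one of " + ", ".join(minimum))
    if len(drive_sizes) < minimum[level]:
        raise ValueError(f"{level} needs at least {minimum[level]} disks")
    parity_drives = 2 if level == "RAID-6" else 1
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    disks = write_array(SAMPLE)
    lost = 2                                  # simulate failure of disk 2
    replacement = rebuild_disk(disks, lost)
    print("rebuilt disk matches:", replacement == disks[lost])
    disks[lost] = replacement
    print("data intact:", read_array(disks, len(SAMPLE)) == SAMPLE)
    print("RAID-5, 4 x 500 GB usable:", usable_capacity("RAID-5", [500] * 4))
```

With single parity, losing two disks at once leaves only the XOR of the two missing blocks, which is why the slides rate RAID-6 (dual parity) above RAID-5 for fault tolerance.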
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because
of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 57
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
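The capacity rule and the parity scheme from the RAID 3 to RAID 6 slides above, as an added Python example that is not part of the original deck: it applies the slides' capacity formula and rebuilds one failed drive of a single-parity, RAID 5 style array by XOR. The 4-byte block size, the parity rotation order, the RAID 3 minimum drive count and the sample data are assumptions made for illustration.

```python
from functools import reduce

# Parity overhead per RAID level, from the capacity lines on the slides:
# RAID 3/4/5 = smallest drive * (drives - 1), RAID 6 = smallest drive * (drives - 2).
PARITY_DRIVES = {3: 1, 4: 1, 5: 1, 6: 2}
# Minimum drive counts from the slides (the RAID 3 value is an assumption).
MIN_DRIVES = {3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes."""
    if level not in PARITY_DRIVES:
        raise ValueError(f"no capacity rule for RAID {level}")
    if len(drive_sizes) < MIN_DRIVES[level]:
        raise ValueError(f"RAID {level} needs at least {MIN_DRIVES[level]} drives")
    return min(drive_sizes) * (len(drive_sizes) - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Drive that holds parity for a stripe (rotation order is an assumption)."""
    return (n_drives - 1 - stripe) % n_drives


def build_raid5(data, n_drives, block=4):
    """Stripe data over n_drives with distributed parity; returns one block list per drive."""
    stripe_bytes = (n_drives - 1) * block
    data = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(data) // stripe_bytes):
        base = stripe * stripe_bytes
        chunks = [data[base + i * block: base + (i + 1) * block]
                  for i in range(n_drives - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def rebuild(drives):
    """Rebuild the one drive marked None from the survivors.

    The XOR of all blocks in a stripe is zero, so a missing block (data or
    parity) equals the XOR of the others. Two missing drives cannot be
    recovered with single parity; RAID 6 needs a second, independent parity.
    """
    missing = [i for i, blocks in enumerate(drives) if blocks is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot rebuild more than one failed drive")
    if not missing:
        return list(drives)
    survivors = [blocks for blocks in drives if blocks is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if blocks is None else blocks for blocks in drives]


def read_data(drives, length):
    """Reassemble the original byte string, skipping parity blocks."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


# Constructed sample data, not taken from the deck.
SAMPLE = b"inventory ledger backup, constructed sample data"

if __name__ == "__main__":
    array = build_raid5(SAMPLE, 4)
    degraded = list(array)
    degraded[2] = None                      # simulate the loss of drive 2
    recovered = rebuild(degraded)
    print("data intact after rebuild:", read_data(recovered, len(SAMPLE)) == SAMPLE)
    print("RAID 5 usable, drives of 500/500/250/500 GB:",
          usable_capacity(5, [500, 500, 250, 500]), "GB")
    print("RAID 6 usable, four 500 GB drives:", usable_capacity(6, [500] * 4), "GB")
```
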
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 58
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
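The striping, parity and array-capacity points from the RAID slides above, worked through in Python as an added example that is not part of the original deck. All function names, the parity rotation order, the zero padding of the last row, the assumption that each file starts on disk 0, and the use of the smallest drive for RAID-0 and RAID-1 capacity are assumptions of this sketch.

```python
from functools import reduce

KIB = 1024
STRIPE_UNIT = 16 * KIB  # 16 KiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """Parity: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity unit sits on a different disk each row.
    This rotation order is one common choice, picked here as an assumption."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Lay data out as rows of (n_disks - 1) data units plus one parity unit."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * unit
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        units = [padded[start + i * unit:start + (i + 1) * unit]
                 for i in range(n_disks - 1)]
        remaining = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(xor_blocks(units) if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Return the array with its failed disk (marked None) recomputed.
    XOR of the surviving units in a row yields the missing unit, whether that
    unit held data or parity. A second failure cannot be recovered."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 survives one disk failure, not %d" % len(failed))
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks([d[row] for d in survivors])
               for row in range(len(survivors[0]))]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity unit of every row."""
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk_for(row, len(disks)):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas, in the unit of drive_sizes."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    min_disks = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < min_disks or (level == 1 and n != 2):
        raise ValueError("RAID-%d cannot be built from %d disks" % (level, n))
    data_drives = {0: n, 1: 1, 3: n - 1, 4: n - 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_drives


def raid0_units_per_disk(file_size, n_disks, unit=STRIPE_UNIT):
    """Stripe units one file places on each RAID-0 disk (file starts on disk 0)."""
    units = -(-file_size // unit)  # ceiling division
    return [units // n_disks + (1 if d < units % n_disks else 0)
            for d in range(n_disks)]


if __name__ == "__main__":
    payload = bytes(range(256)) * 400          # constructed 100 KiB sample "file"
    array = raid5_write(payload, n_disks=4)
    array[2] = None                            # simulate losing one drive
    restored = raid5_read(raid5_rebuild(array), len(payload))
    print("rebuilt after one failure:", restored == payload)
    for size in (4, 20, 100, 500):             # file sizes from the illustrations
        print(size, "KiB ->", raid0_units_per_disk(size * KIB, 4))
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
```

The rebuild step is why RAID-5 is rated "good" rather than "very good" for fault tolerance: with two drives marked as failed, `raid5_rebuild` has nothing to XOR against and raises.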
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 59
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization's business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
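The parity technique and the RAID-5 layout described in the slides above, as an added example that is not part of the original deck: a small Python model of block-level striping with rotating parity, a single-disk rebuild by XOR, and the slides' capacity rule. The function names, the 4-byte block size, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
"""Model of RAID-5: block-level striping with distributed (rotating) parity."""
from functools import reduce

# Constructed sample data, not taken from any real system.
SAMPLE = b"Constructed ledger batch: debit 100, credit 100, balance 0."


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks. This is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide rule: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Parity moves one disk to the left on each stripe (assumed rotation)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Return one list of blocks per disk; each stripe holds n-1 data blocks + parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)   # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recreate the failed disk: each lost block is the XOR of the survivors' blocks."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Write, lose disk 2, rebuild it from the other three, read back."""
    disks = raid5_write(SAMPLE, n_disks=4, block_size=4)
    lost = disks[2]
    disks[2] = None                      # simulated drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and raid5_read(disks, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5 usable:", usable_capacity([500, 500, 500, 400]))
    print("RAID-6 usable:", usable_capacity([500, 500, 500, 400], parity_drives=2))
```

A second simultaneous failure makes `rebuild_disk` raise, which is the limit that dual parity (RAID-6) or a restore from backup has to cover.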
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing standard for service organization
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
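The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: data is striped in blocks across four disks with rotating parity, one disk is lost, and its contents are recomputed from the survivors. The 16-byte block size (scaled down from the 16 kiB stripe in the illustration), the parity rotation order and the sample records are assumptions made for the example.

```python
"""RAID 5 in miniature: block-level striping with distributed parity, then a one-disk rebuild."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe, n_disks):
    """Disk that holds the parity block of a given stripe.
    Rotating it spreads parity writes over all disks (distributed parity).
    The rotation order used here is an assumption; controllers use several layouts."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Return one list of blocks per disk; each stripe has n_disks-1 data blocks plus parity."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def raid5_rebuild(disks):
    """Rebuild a failed disk (marked None) as the XOR of the surviving blocks in each stripe.
    Works for a lost data block and a lost parity block alike, but only for ONE lost disk."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("RAID 5 cannot recover from more than one failed disk")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping the parity block of every stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Lose disk 2 of a four-disk array and check that the data survives."""
    data = b"".join(b"txn-%04d;" % i for i in range(40))  # constructed sample records
    disks = raid5_write(data, n_disks=4, block_size=16)
    degraded = [None if i == 2 else d for i, d in enumerate(disks)]
    return raid5_read(raid5_rebuild(degraded), len(data)) == data


if __name__ == "__main__":
    print("data intact after single-disk failure:", demo())
    print("usable capacity, 4 x 500 GB RAID 5:", usable_capacity([500] * 4), "GB")
```

A second simultaneous disk failure raises an error here because a single parity block per stripe cannot solve for two unknowns, which is the gap the dual parity of RAID-6 is meant to close.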
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database to multiple servers / sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Slide 61
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and meaningful DRP program
It is assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and assessing their likelihood
Identifying vulnerabilities and assessing how easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the controls in place
Risk Management
The process of identifying, controlling and minimizing or eliminating risks that may affect information systems for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total security
There will always be a residual risk
What degree of residual risk is acceptable to the organization?
Risk Management
Defining an acceptable level of residual risk
Constantly reviewing threats and vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an organization directly assigns value and hence for which the organization requires protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site             Cost           Hardware Equipment    Telecommunication    Setup Time    Location
Cold Site        Low            None                  None                 Long          Fixed
Warm Site        Medium         Partial               Partial/Full         Medium        Fixed
Hot Site         Medium/High    Full                  Full                 Short         Fixed
Mobile Site      High           Dependent             Dependent            Dependent     Not Fixed
Mirrored Site    High           Full                  Full                 None          Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size.The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
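The parity technique and the RAID-5 layout on the slides above (block-level striping with distributed parity, capacity of smallest drive * (no. of drives - 1)), as an added Python model that is not part of the original slides. The 4-byte block size, the parity rotation order and the sample record are assumptions chosen for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy value (the slides' figures use 16 kiB)


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Rotate parity across the disks (assumed order) so no disk holds it all."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks. Returns (disks, original_length)."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    padded = data + b"\0" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(blocks)
        p = parity_disk(s, n_disks)
        remaining = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks, len(data)


def rebuild(disks):
    """Recompute a failed disk (marked None) by XOR-ing the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 tolerates one failed disk, %d are missing" % len(failed))
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    restored = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [restored if d is None else d for d in disks]


def read_array(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n)
        for d in range(n):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def parity_consistent(disks):
    """Scrub check: data XOR parity across every stripe must be all zero bytes."""
    return all(not any(xor_blocks(stripe)) for stripe in zip(*disks))


def usable_capacity(drive_sizes):
    """Array capacity as on the slide: smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


if __name__ == "__main__":
    record = b"constructed sample: ledger entries 0001-0042"  # constructed input
    disks, length = write_array(record, 4)
    disks[2] = None  # simulate losing one drive
    print("recovered:", read_array(rebuild(disks), length) == record)
    print("usable GB of 4 x 500 GB:", usable_capacity([500] * 4))
```

Parity rebuilds a disk the array already knows is missing; the scrub check only reports that a stripe is inconsistent, not which block is wrong, which is one reason the backup media library is still required alongside RAID.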
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 62
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource                 Outage Impact                                  Allowable Outage Time
Authentication Server    User could not access Inventory System         8 hours
Database Server          User could not access Inventory System         8 hours
E-mail Server            User could not send e-mail                     2 days
5 Desktop Computers      User could not access Inventory System         8 hours
Hub                      User could not access Inventory System         8 hours
Network Cabling          User could not access Inventory System         8 hours
Electric Power           User could not access Inventory System         8 hours
Printer                  User could not produce Inventory Reports       4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
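Added example (not part of the original slides): the parity technique and the RAID-5 capacity formula above, worked through in Python for a four-disk array with a 16 kiB stripe unit. The function names, the zero padding and the order in which parity rotates across drives are assumptions made for illustration, not any controller's actual layout.

```python
from functools import reduce

def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def parity_drive_for(row, n_drives):
    # Assumed rotation: parity starts on the last drive and moves left each row.
    return (n_drives - 1 - row) % n_drives

def raid5_write(data, n_drives, stripe_unit):
    """Stripe data in blocks over n_drives, one rotating parity block per row.

    Returns a list of drives; each drive is a list of stripe_unit-sized blocks.
    """
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_row = n_drives - 1                      # data blocks per row
    row_bytes = per_row * stripe_unit
    padded = data + b"\x00" * (-len(data) % row_bytes)   # pad the last row
    drives = [[] for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * stripe_unit: off + (i + 1) * stripe_unit]
                  for i in range(per_row)]
        parity = xor_blocks(chunks)
        p = parity_drive_for(row, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives

def raid5_recover(drives):
    """Rebuild one failed drive (marked None) from the survivors.

    XOR of every surviving block in a row yields the missing block, whether
    that block held data or parity. Two failures cannot be rebuilt.
    """
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) > 1:
        raise RuntimeError(
            "RAID 5 tolerates one failed drive; %d are missing" % len(missing))
    rebuilt = list(drives)
    if missing:
        survivors = [d for d in drives if d is not None]
        rebuilt[missing[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return rebuilt

def raid5_read(drives, length):
    """Reassemble the original byte stream, skipping each row's parity block."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive_for(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])

def array_capacity(drive_sizes, parity_drives):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives is 1 for RAID 3/4/5 and 2 for RAID 6, as on the slides.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)

if __name__ == "__main__":
    # Constructed sample: a 100 kiB "file" on four drives, 16 kiB stripe unit.
    sample = bytes(i % 251 for i in range(100 * 1024))
    array = raid5_write(sample, n_drives=4, stripe_unit=16 * 1024)
    degraded = list(array)
    degraded[2] = None                          # simulate one drive failure
    restored = raid5_recover(degraded)
    print("rebuilt drive matches:", restored[2] == array[2])
    print("file intact:", raid5_read(restored, len(sample)) == sample)
    print("capacity (4 x 500 GB):", array_capacity([500] * 4, 1), "GB")
```

A second simultaneous failure raises an error in `raid5_recover`, which is the gap the dual distributed parity of RAID-6 is meant to close.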
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly are the backups to be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organizations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
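The parity and capacity rules from the RAID slides, worked through as an added example (not part of the original slides): a small Python model of block-level striping with rotating XOR parity that rebuilds a failed disk from the survivors. The 4-byte stripe unit, the parity rotation order, the function names and the sample data are assumptions chosen for illustration.

```python
"""Illustrative model of RAID-5 style striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; assumed small value so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("not enough drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Rotate the parity block across the disks from one stripe row to the next."""
    return (n_disks - 1 - row) % n_disks


def write_array(data, n_disks):
    """Stripe data over n_disks; each row holds n_disks-1 data blocks and 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_row = STRIPE_UNIT * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        chunk = padded[offset:offset + per_row]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_row, STRIPE_UNIT)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(row, n_disks)
            disks[disk].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover from two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original data, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


if __name__ == "__main__":
    record = b"constructed inventory ledger record #0001"  # constructed sample data
    array = write_array(record, 4)
    array[2] = None                      # simulate losing one disk
    array[2] = rebuild_disk(array, 2)    # rebuild it from the other three
    print(read_array(array, len(record)) == record)
    print(usable_capacity([500, 500, 500, 500]))                   # one parity drive
    print(usable_capacity([500, 500, 500, 500], parity_drives=2))  # dual parity
```

Because each row's parity is the XOR of its data blocks, XOR-ing the surviving blocks of a row always yields the missing one, whether the lost block held data or parity.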
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
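One way to put the allowable outage times above to work, as an added example (not part of the original slides): a Python check that orders resources for recovery and compares recovery times measured in a plan test against the table. The function names and the measured times in SAMPLE_RESULTS are constructed for illustration.

```python
import re

# Allowable outage times as read from the table above (resource -> stated value).
BIA_TABLE = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

_UNIT_HOURS = {"hour": 1, "day": 24}


def to_hours(text):
    """Convert values such as '8 hours' or '2 days' to hours so they can be compared."""
    match = re.fullmatch(r"\s*(\d+)\s*(hour|day)s?\s*", text.lower())
    if match is None:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(match.group(1)) * _UNIT_HOURS[match.group(2)]


def recovery_order(bia):
    """Shortest allowable outage first; ties keep the table's order (stable sort)."""
    return sorted(bia, key=lambda resource: to_hours(bia[resource]))


def evaluate_test(bia, measured_hours):
    """Compare measured recovery times from a plan test with the allowable outage times.

    Returns (resource, allowable_hours, measured_hours, status) in recovery order.
    A resource with no measurement is reported rather than silently passed.
    """
    findings = []
    for resource in recovery_order(bia):
        limit = to_hours(bia[resource])
        took = measured_hours.get(resource)
        if took is None:
            status = "NOT TESTED"
        elif took <= limit:
            status = "PASS"
        else:
            status = "FAIL"
        findings.append((resource, limit, took, status))
    return findings


# Constructed results of a hypothetical recovery test, in hours.
SAMPLE_RESULTS = {
    "Authentication Server": 6.5,
    "Database Server": 11,
    "E-mail Server": 30,
    "Hub": 2,
    "Network Cabling": 2,
    "Electric Power": 1,
    "Printer": 100,
}

if __name__ == "__main__":
    for resource, limit, took, status in evaluate_test(BIA_TABLE, SAMPLE_RESULTS):
        print(f"{resource:<22} allowed {limit:>3} h  measured {took}  {status}")
```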
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
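The parity, striping and array-capacity points on the RAID slides above can be seen working in a short in-memory simulation of block-level striping with distributed parity. This is an added example, not part of the original slides; the function names, the 16-byte chunk size, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Block-level striping with distributed XOR parity (RAID-5 style), simulated in memory."""
from functools import reduce

CHUNK = 16  # bytes per chunk; a small stand-in for the 16 KiB stripe size on the slides


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk holding the parity chunk of a stripe (assumed rotation order)."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks, chunk=CHUNK):
    """Stripe data over n_disks with rotating parity; returns a list of chunks per disk."""
    if n_disks < 3:
        raise ValueError("striping with parity needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * chunk
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_chunks = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_chunks))
    return disks


def read_array(disks, length):
    """Reassemble the original bytes from a healthy array, skipping parity chunks."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recreate a failed disk: each lost chunk is the XOR of the surviving chunks
    in the same stripe, whether the lost chunk held data or parity."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives), as on the slides:
    parity_drives=1 for RAID-3/4/5, parity_drives=2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Write constructed sample data to 4 disks, lose disk 2, rebuild it, read back."""
    data = bytes(range(256)) * 3 + b"ledger"  # constructed sample data
    disks = write_array(data, n_disks=4)
    original = disks[2]
    disks[2] = None                            # simulate a single drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original and read_array(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5 usable capacity:", usable_capacity([500, 500, 400, 500]))
```

A second simultaneous drive failure raises an error in `rebuild_disk`, which is the limit of single parity and the reason the RAID-6 slide subtracts two drives from the array capacity.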
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 65
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
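The parity and RAID-5 slides above, as an added example (not part of the original slides): a small Python model of block-level striping with distributed XOR parity that rebuilds one failed disk from the survivors and applies the slides' array-capacity formula. The function names, the parity rotation order and the sample record are assumptions made for illustration.

```python
"""Teaching model of RAID-5: block striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data across n_disks with one rotating parity block per stripe.

    Returns (disks, original_length); disks[d][s] is the block held by
    disk d for stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_iter))
    return disks, len(data)


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the survivors.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe (data plus parity) is zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Lose one disk of a four-disk array, rebuild it, and verify the data."""
    # Constructed sample record, not data from the slides.
    record = b"LEDGER 2024-03-31 | acct 1001 | debit 2500.00 | credit 0.00 | ok"
    disks, length = write_raid5(record, n_disks=4, block_size=8)
    lost = disks[2]
    disks[2] = None                      # simulate a failed drive
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_raid5(disks, length) == record


if __name__ == "__main__":
    print("rebuilt array matches original:", demo())
    print("4 x 500 GB, RAID-5 usable:", usable_capacity([500] * 4), "GB")
    print("4 x 500 GB, RAID-6 usable:", usable_capacity([500] * 4, 2), "GB")
```

Rebuilding reads every surviving disk in full, so a second failure during the rebuild loses the array; that is the case `rebuild_disk` rejects and the reason the RAID-6 slide adds a second parity block.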
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 66
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization's business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB in
size; the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
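The parity technique and the RAID-5 layout described above can be followed in code. This is an added example, not part of the original slides: the function names, the sample data and the parity rotation order are assumptions made for illustration (real controllers use their own layouts). It stripes data at block level with one rotating parity block per stripe, rebuilds a failed disk from the survivors, and applies the slides' array capacity formula.

```python
from functools import reduce
from operator import xor

# Constructed sample data standing in for business records.
SAMPLE = b"constructed ledger records for the RAID-5 demo " * 3


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity.

    Returns a list of disks, each disk being a list of blocks
    (one block per stripe).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(blocks)
        p = parity_disk_for(stripe, n_disks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Rebuild one failed disk.

    Within a stripe, data blocks XOR parity is all zeros, so the missing
    block (data or parity) is the XOR of the blocks on the other disks.
    """
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(disks, n_bytes):
    """Reassemble the original data, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:n_bytes])


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    disks = raid5_write(SAMPLE, n_disks=4, block_size=16)
    failed = 2
    rebuilt = rebuild_disk(disks, failed)
    repaired = disks[:failed] + [rebuilt] + disks[failed + 1:]
    return rebuilt == disks[failed] and raid5_read(repaired, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("single-disk rebuild ok:", demo())
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity([500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", array_capacity([500] * 4, 2), "GB")
```

A second simultaneous failure leaves only the XOR of the two lost blocks, which is why single parity tolerates one failed disk and RAID-6 adds a second parity.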
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
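The allowable outage times from the "Outage Impact & Allowable Outage Times" slide can be turned into a recovery order and checked against what a plan test actually achieved. The following is an added example, not part of the original slides; the priority bands and the measured recovery times are assumptions constructed for illustration.

```python
import re

# Allowable outage times as listed on the "Outage Impact & Allowable Outage Times" slide.
ALLOWABLE_OUTAGE = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# Constructed sample data (not from the slides): hours needed to recover each
# resource during a plan test. "Electric Power" is left out on purpose to show
# how an untested resource is reported.
MEASURED_RECOVERY_HOURS = {
    "Authentication Server": 6,
    "Database Server": 48,
    "E-mail Server": 30,
    "5 Desktop Computers": 4,
    "Hub": 2,
    "Network Cabling": 8,
    "Printer": 24,
}

UNIT_HOURS = {"hour": 1, "day": 24, "week": 168}


def parse_hours(text):
    """Convert a string such as '8 hours' or '2 days' into hours."""
    match = re.fullmatch(r"\s*(\d+(?:\.\d+)?)\s*(hour|day|week)s?\s*", text.lower())
    if not match:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return float(match.group(1)) * UNIT_HOURS[match.group(2)]


def priority(allowable_hours):
    """Map an allowable outage time to a recovery priority.

    Assumed bands, chosen to agree with the slides' own rows
    (8 hours is High, 2 to 4 days is Medium); anything longer is Low.
    """
    if allowable_hours <= 8:
        return "High"
    if allowable_hours <= 96:
        return "Medium"
    return "Low"


def recovery_order(bia):
    """Return (resource, priority) pairs, shortest allowable outage first."""
    rows = sorted((parse_hours(text), name) for name, text in bia.items())
    return [(name, priority(hours)) for hours, name in rows]


def find_gaps(bia, measured):
    """List resources that were not tested or recovered too slowly."""
    gaps = []
    for name, text in bia.items():
        limit = parse_hours(text)
        actual = measured.get(name)
        if actual is None:
            gaps.append((name, "untested"))
        elif actual > limit:
            gaps.append((name, f"took {actual:g} h, allowed {limit:g} h"))
    return gaps


if __name__ == "__main__":
    for name, level in recovery_order(ALLOWABLE_OUTAGE):
        print(f"{level:<6} {name}")
    for name, reason in find_gaps(ALLOWABLE_OUTAGE, MEASURED_RECOVERY_HOURS):
        print(f"GAP: {name}: {reason}")
```

A recovery time equal to the allowable outage time passes; only a longer time, or no test result at all, is reported as a gap.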
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations for health
care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other
financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
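The parity slide and the array-capacity lines on the RAID level slides can be exercised directly. The following Python is an added example, not part of the original deck: it writes data as block-level stripes with rotating parity (the RAID-5 technique), rebuilds one lost disk from the survivors, and applies the capacity formulas quoted on the slides. XOR as the parity function, the function names, the parity rotation order and the sample data are assumptions of this example.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block sits on a different disk each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe):
    """Return one list of blocks per disk: data stripes plus rotating parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad to whole rows
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe: start + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_chunks = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(row, n_disks)
            disks[disk].append(parity if is_parity else next(data_chunks))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


def rebuild_disk(disks):
    """Rebuild the single disk marked None by XOR-ing the surviving disks.

    Works the same whether a lost block held data or parity. With two disks
    lost, single parity has nothing left to solve for, so this refuses.
    """
    lost = [i for i, d in enumerate(disks) if d is None]
    if len(lost) != 1:
        raise ValueError("single parity can rebuild exactly one lost disk")
    survivors = [d for d in disks if d is not None]
    return lost[0], [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' formulas (sizes in any one unit).

    RAID 0 and 1 follow the slides' 100% / 50% efficiency for identical
    drives; using the smallest drive when sizes differ is an assumption.
    """
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in minimum:
        raise ValueError("level not covered by this example")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of hard disks for this level")
    if level == 0:
        return smallest * n
    if level == 1:
        return smallest
    if level == 6:
        return smallest * (n - 2)
    return smallest * (n - 1)  # RAID 3, 4 and 5


def demo():
    """Lose disk 2 of a four-disk array, rebuild it, and read the data back."""
    data = bytes(range(256)) * 3  # constructed sample data
    disks = raid5_write(data, n_disks=4, stripe=16)
    damaged = list(disks)
    damaged[2] = None
    index, blocks = rebuild_disk(damaged)
    damaged[index] = blocks
    return raid5_read(damaged, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500:", usable_capacity(5, [500] * 4))
```

Parity protects against drive failure only; a rebuilt array faithfully reproduces deleted or corrupted files, which is why the backup slides still apply to RAID-protected systems.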
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele. Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 69
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values (row alignment not preserved): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
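The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: block-level striping with rotating XOR parity, the array-capacity formula, and rebuilding one failed drive. It is a generalized in-memory model; all function names, the parity rotation order and the sample data are assumptions constructed for illustration.

```python
"""RAID-5 style striping with rotating XOR parity (in-memory model, not a driver)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity information: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(stripe, n_drives):
    """Distributed parity: the parity block moves to a different drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives=4, block_size=4):
    """Split data into stripes; each stripe holds n-1 data blocks and 1 parity block."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 drives")
    data_per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % data_per_stripe)  # pad last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, start in enumerate(range(0, len(padded), data_per_stripe)):
        chunk = padded[start:start + data_per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, len(chunk), block_size)]
        remaining = iter(blocks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(remaining))
    return drives


def raid5_rebuild(drives):
    """Rebuild a single failed drive (marked None) from the surviving drives.

    Every block on the lost drive equals the XOR of the other blocks in the same
    stripe, whether the lost block held data or parity. Two simultaneous
    failures leave too little information, so that case is refused.
    """
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity tolerates one failed drive, lost %d" % len(failed))
    if not failed:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed ledger rows: 1001,250.00;1002,75.50"  # constructed sample data
    array = raid5_write(sample, n_drives=4, block_size=4)
    array[2] = None                      # simulate loss of one drive
    restored = raid5_rebuild(array)
    print(raid5_read(restored, len(sample)) == sample)
    print(array_capacity([500, 500, 400, 500]))      # single parity (RAID 3/4/5)
    print(array_capacity([500, 500, 400, 500], 2))   # dual parity (RAID 6)
```

The same rebuild step is why a RAID-5 array runs degraded but intact after one drive loss, and why it does not replace the off-site backups covered earlier: a second failure during rebuild is unrecoverable from parity alone.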
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity information
(shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
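Added example (not from the slides): the capacity formulas and minimum disk counts listed above for RAID-1, 3, 4, 5 and 6, plus a small RAID-5 model showing how XOR parity rebuilds one failed disk and why a second failure is unrecoverable. Function names, the 4-byte block size, the parity rotation order and the sample record are assumptions made for the illustration.

```python
from functools import reduce

# Minimum disk counts and parity overhead as stated on the RAID slides.
MIN_DISKS = {1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
PARITY_DISKS = {3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Usable array capacity, in the same unit as drive_sizes."""
    if level not in MIN_DISKS:
        raise ValueError(f"no capacity formula given for RAID-{level}")
    n = len(drive_sizes)
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    smallest = min(drive_sizes)
    if level == 1:                       # mirror: one copy's worth of space
        return smallest
    return smallest * (n - PARITY_DISKS[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks (the parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Assumed layout: parity starts on the last disk and rotates backwards."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size=4):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    per_stripe = block_size * (n_disks - 1)
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")   # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_iter = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk(s, n_disks)
            disks[d].append(xor_blocks(blocks) if is_parity else next(data_iter))
    return disks


def raid5_rebuild(disks):
    """Rebuild the failed disk (marked None) from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover two failed disks")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether the missing block held data or parity.
    rebuilt = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(s, n):
                out += disks[d][s]
    return bytes(out[:length])


# Constructed sample record standing in for financial data.
SAMPLE = b"ledger 2024-Q1: closing balance 1024.50"

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    print(raid5_read(raid5_rebuild(degraded), len(SAMPLE)))
    print(usable_capacity(5, [500, 500, 500, 400]), "GB usable from 4 drives")
```

A rebuild restores availability only; it is not a substitute for the off-site backups covered elsewhere in this deck.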
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to
multiple servers/sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 71
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain
places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                             Recovery Priority
Authentication Server                High
Database Server                      High
5 Desktop Computers                  High
1 Hub                                High
E-mail Server                        Medium
Printer                              Medium
Remaining Desktop Computers (45)     Low
Remaining Hub (5)                    Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost           Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low            None                 None                Long         Fixed
Warm Site       Medium         Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High    Full                 Full                Short        Fixed
Mobile Site     High           Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High           Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing needs of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.     Change Comment     Date of Change     Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
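The parity and RAID-5 slides above, as an added example that is not part of the original deck: block-level striping with distributed XOR parity over simulated disks, showing that a single failed disk can be rebuilt from the survivors while a second simultaneous failure cannot. The function names, the 4-byte block size, the parity rotation order and the sample record are assumptions made for illustration; `usable_capacity` applies the array-capacity formulas and minimum disk counts stated on the slides.

```python
from functools import reduce

BLOCK = 4  # bytes per block; kept tiny so the layout is easy to inspect (assumption)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe: int, n_disks: int) -> int:
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data: bytes, n_disks: int):
    """Stripe data in blocks over n_disks, adding one XOR parity block per stripe.

    Returns one list of blocks per disk; index s in every list is stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data += b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        pending = iter(data_blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(pending))
    return disks


def read_raid5(disks, length: int) -> bytes:
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(stripe, n):
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed: int):
    """Recompute every block of one failed disk (marked None) from the survivors.

    XOR of all blocks in a stripe is zero, so the missing block equals the XOR
    of the remaining ones, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: single parity cannot recover")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(level: int, n_disks: int, smallest_drive: int) -> int:
    """Array capacity per the slides: smallest drive * (drives - redundancy drives)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n_disks < minimum or (level == 1 and n_disks != 2):
        raise ValueError(f"RAID-{level} is not valid with {n_disks} disks")
    if level == 1:
        return smallest_drive  # mirror of exactly 2 disks: 50% efficiency
    redundancy = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest_drive * (n_disks - redundancy)


if __name__ == "__main__":
    record = b"ledger:2024-Q1;ledger:2024-Q2"  # constructed sample data
    array = write_raid5(record, 4)
    array[2] = None                    # simulate one failed drive
    array[2] = rebuild_disk(array, 2)  # rebuild it from the other three
    print(read_raid5(array, len(record)))
    print(usable_capacity(5, 4, 500), usable_capacity(6, 4, 500))
```

Rebuilding restores availability after a drive failure only; it does not replace the backup and off-site storage controls covered elsewhere in the deck, since parity faithfully reproduces deleted or corrupted data as well.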
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 72
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource                 Outage Impact                                    Allowable Outage Time
Authentication Server    User could not access Inventory System          8 hours
Database Server          User could not access Inventory System          8 hours
E-mail Server            User could not send e-mail                      2 days
5 Desktop Computers      User could not access Inventory System          8 hours
Hub                      User could not access Inventory System          8 hours
Network Cabling          User could not access Inventory System          8 hours
Electric Power           User could not access Inventory System          8 hours
Printer                  User could not produce Inventory Reports        4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)   Likelihood of Threat Occurrence (B)   Vulnerability (C)   Measure of Risk (D): A+B+C   Risk Ranking (E)
Values as listed: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Rankings as listed: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man-made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man-made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB
in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
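The parity technique and the array-capacity formulas from the RAID slides above, worked through in Python as an added example (not part of the original slides): data is striped over a four-disk array with a 16 KiB stripe size and rotating parity, a failed disk is rebuilt by XOR, and usable capacity is computed per RAID level. The parity rotation order, the sample data and all function names are assumptions made for illustration.

```python
"""Added example: block-level striping with distributed parity (RAID-5 style).

The four-disk, 16 KiB-stripe layout follows the slides' illustration; the
parity rotation order and every name below are assumptions for illustration.
"""
from functools import reduce
from operator import xor

STRIPE = 16 * 1024  # stripe size used in the slides' illustration
DISKS = 4           # four-disk array, as in the illustration


def xor_blocks(blocks):
    """Parity: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(row, disks):
    """Disk holding parity for a row; rotating it avoids a dedicated parity disk."""
    return (disks - 1 - row) % disks


def write_array(data, disks=DISKS, stripe=STRIPE):
    """Stripe data over the disks and add one parity block per row.

    Returns one list of stripe-sized blocks per disk.
    """
    row_bytes = (disks - 1) * stripe
    data = data + bytes(-len(data) % row_bytes)  # zero-pad the final row
    array = [[] for _ in range(disks)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for disk in range(disks):
            is_parity = disk == parity_disk_for(row, disks)
            array[disk].append(parity if is_parity else next(remaining))
    return array


def rebuild_disk(array, failed):
    """Recompute every block of a lost disk from the surviving disks.

    XOR of all blocks in a row (data plus parity) is zero, so the missing
    block equals the XOR of the blocks that survived.
    """
    survivors = [blocks for disk, blocks in enumerate(array) if disk != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(array, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    disks = len(array)
    out = bytearray()
    for row in range(len(array[0])):
        for disk in range(disks):
            if disk != parity_disk_for(row, disks):
                out += array[disk][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity from the slides: smallest drive * (n - 1) for RAID 3/4/5,
    smallest drive * (n - 2) for RAID 6. RAID 0 and RAID 1 follow the slides'
    100% and 50% storage efficiency for identical drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError(f"RAID level {level} is not covered by this example")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID {level} cannot be built from {n} drive(s)")
    lost_to_redundancy = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}[level]
    return smallest * (n - lost_to_redundancy)


def demo():
    """Write a constructed 100 KiB file, lose disk 2, rebuild it, read back."""
    data = bytes(range(256)) * 400           # constructed sample data, 100 KiB
    array = write_array(data)
    original = array[2]
    array[2] = None                          # simulate a failed drive
    array[2] = rebuild_disk(array, failed=2)
    return array[2] == original and read_array(array, len(data)) == data


if __name__ == "__main__":
    print("rebuild and read-back OK:", demo())
    print("RAID 5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
```

With single parity only one missing block per row can be recovered, which is why a second drive failure during the rebuild loses the array.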
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
[Diagram: Threats, Controls, Vulnerabilities, Risks, Security Arrangements, Assets, Asset Value, Potential Impact on Business]
Risk Analysis
A pre-requisite to a complete and meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and assessing their likelihood
Identifying vulnerabilities and assessing how easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the controls in place
Risk Management
The process of identifying, controlling and minimizing or eliminating risks that may affect information systems for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total security
There will always be a residual risk
What degree of residual risk is acceptable to the organization?
Risk Management
Defining an acceptable level of residual risk
Constantly reviewing threats and vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an organization directly assigns value and hence for which the organization requires protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability (C), Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web server and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
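An added example, not part of the original slides: the three backup techniques differ most at restore time, in how many media must be retrieved from the off-site library and what one lost tape costs. The model of each backup type, the `restore_chain` helper and the catalog of tape labels are assumptions constructed for this illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Backup:
    label: str        # media label (constructed sample values below)
    kind: str         # "full", "incremental" or "differential"
    taken: datetime


def restore_chain(catalog, target, missing=frozenset()):
    """Media to retrieve, in restore order, to rebuild data as close to
    `target` as the surviving media allow.

    Assumed model (archive-bit semantics):
      full          copies everything and starts a new chain
      differential  copies all changes since the last full
      incremental   copies changes since the last full or incremental
    `missing` holds labels that cannot be retrieved (lost or unreadable).
    """
    usable = sorted((b for b in catalog if b.taken <= target),
                    key=lambda b: b.taken)
    fulls = [b for b in usable if b.kind == "full"]
    if not fulls:
        raise LookupError("no full backup at or before the restore point")
    base = fulls[-1]
    if base.label in missing:
        # Everything taken after a lost full depends on it, so fall back to
        # the chain that ended just before that full was taken.
        earlier = base.taken - timedelta(microseconds=1)
        return restore_chain(catalog, earlier, missing)

    later = [b for b in usable if b.taken > base.taken]
    chain, cutoff = [base], base.taken
    diffs = [b for b in later
             if b.kind == "differential" and b.label not in missing]
    if diffs:
        # The newest readable differential replaces every incremental before it.
        chain.append(diffs[-1])
        cutoff = diffs[-1].taken
    for b in later:
        if b.kind == "incremental" and b.taken > cutoff:
            if b.label in missing:
                break  # a gap: later incrementals cannot be applied safely
            chain.append(b)
    return chain


def labels(chain):
    """Labels of the media in a restore chain, in restore order."""
    return [b.label for b in chain]


# Constructed catalog: weekly full on Sunday, nightly incrementals,
# one mid-week differential.
CATALOG = [
    Backup("WK0-FULL", "full", datetime(2024, 2, 25, 22)),
    Backup("WK0-INC-SAT", "incremental", datetime(2024, 3, 2, 22)),
    Backup("WK1-FULL", "full", datetime(2024, 3, 3, 22)),
    Backup("WK1-INC-MON", "incremental", datetime(2024, 3, 4, 22)),
    Backup("WK1-INC-TUE", "incremental", datetime(2024, 3, 5, 22)),
    Backup("WK1-DIF-WED", "differential", datetime(2024, 3, 6, 22)),
    Backup("WK1-INC-THU", "incremental", datetime(2024, 3, 7, 22)),
    Backup("WK1-INC-FRI", "incremental", datetime(2024, 3, 8, 22)),
]
TARGET = datetime(2024, 3, 9, 9)   # disaster declared Saturday morning

if __name__ == "__main__":
    for lost in (set(), {"WK1-INC-THU"}, {"WK1-DIF-WED"}, {"WK1-FULL"}):
        chain = restore_chain(CATALOG, TARGET, lost)
        print(f"lost={sorted(lost)} retrieve={labels(chain)} "
              f"data as of {chain[-1].taken:%a %d %b %H:%M}")
```

The time stamp of the last item in the returned chain is the point the data is restored to, which can be compared against the allowable outage and data-loss figures from the impact analysis.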
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify in advance critical functions
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection
and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
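The striping, parity and capacity points from the RAID-0, RAID-1 and RAID-5 slides, worked through as an added example that is not part of the original slides: a file is laid out on a four-disk array with a 16 kiB stripe size, RAID 5 parity is computed as the XOR of the data blocks in each row, and a failed disk is rebuilt from the survivors. The function names, the parity rotation order and the sample payload are assumptions made for the example.

```python
"""RAID striping and XOR parity on a four-disk array with a 16 KiB stripe size,
as in the slide illustrations. Added example; sample data is constructed."""
from functools import reduce

KIB = 1024
STRIPE = 16 * KIB  # stripe (block) size used in the illustrations


def usable_capacity(level, drive_sizes):
    """Usable capacity from the slides' figures; the smallest drive sets the
    per-member size (for RAID 0 with unequal drives this is an assumption)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n          # striping only: 100% efficiency
    if level == 1 and n == 2:
        return smallest              # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)    # one drive's worth of parity
    raise ValueError(f"unsupported RAID level or drive count: {level}, {n}")


def split_blocks(data):
    """Cut data into stripe-size blocks, zero-padding the last one."""
    blocks = [data[i:i + STRIPE] for i in range(0, len(data), STRIPE)]
    if blocks:
        blocks[-1] = blocks[-1].ljust(STRIPE, b"\0")
    return blocks


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - row) % n_disks


def raid0_write(data, n_disks):
    """RAID 0: blocks are dealt round-robin to the disks, no redundancy."""
    disks = [[] for _ in range(n_disks)]
    for i, block in enumerate(split_blocks(data)):
        disks[i % n_disks].append(block)
    return disks


def raid5_write(data, n_disks):
    """RAID 5: every row holds n-1 data blocks plus their parity block."""
    blocks, per_row = split_blocks(data), n_disks - 1
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(blocks), per_row)):
        chunk = blocks[start:start + per_row]
        chunk += [bytes(STRIPE)] * (per_row - len(chunk))  # pad a short last row
        data_iter = iter(chunk)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(xor_blocks(chunk) if is_parity else next(data_iter))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute the failed disk: each lost block (data or parity) is the XOR
    of the blocks in the same row on the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk_for(row, len(disks)):
                out += disks[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    green_file = bytes(i % 251 for i in range(100 * KIB))  # constructed 100 KiB payload
    print("RAID 0 blocks per disk:", [len(d) for d in raid0_write(green_file, 4)])
    array = raid5_write(green_file, 4)
    lost = array[2]
    array[2] = raid5_rebuild(array, failed=2)
    print("disk 2 rebuilt correctly:", array[2] == lost)
    print("file intact after rebuild:", raid5_read(array, len(green_file)) == green_file)
    print("usable capacity, four drives of 500 units, RAID 5:", usable_capacity(5, [500] * 4))
```

The same rebuild on the RAID 0 layout is impossible because no row carries a parity block, which is why the slides list its fault tolerance as none.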
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 74
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
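The parity and block-striping mechanics from the RAID slides above, as an added Python example that is not part of the original deck: it stripes a constructed sample file across four disks with rotating XOR parity, rebuilds the data after one disk is lost, and applies the slides' array-capacity formula. The function names, the parity rotation order and the 16-byte stripe unit (standing in for 16 kiB) are assumptions made for illustration.

```python
"""RAID-5 teaching model: block striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 16  # bytes per stripe unit (assumption; the slide's array uses 16 kiB)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks together, byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives); 1 = RAID-5, 2 = RAID-6."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("too few drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Rotate the parity unit across the disks (one common layout, assumed here)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Return per-disk lists; disks[d][s] is the unit disk d stores for stripe s."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * unit:start + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_units = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_units))
    return disks


def rebuild_unit(disks, failed, stripe):
    """Recover the failed disk's unit for one stripe by XOR-ing all survivors."""
    return xor_blocks([disk[stripe] for d, disk in enumerate(disks) if d != failed])


def read_raid5(disks, length):
    """Reassemble the data; one disk may be None (failed), more means data loss."""
    failed = [d for d, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise IOError("RAID-5 tolerates a single disk failure only")
    n_disks = len(disks)
    stripes = len(next(disk for disk in disks if disk is not None))
    out = bytearray()
    for stripe in range(stripes):
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                continue  # parity units carry no file data
            if failed and d == failed[0]:
                out += rebuild_unit(disks, d, stripe)
            else:
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Write a constructed 512-byte sample, lose disk 2, and read it back."""
    sample = bytes(range(256)) * 2  # constructed sample data
    disks = write_raid5(sample, n_disks=4)
    disks[2] = None  # simulated drive failure
    return read_raid5(disks, len(sample)) == sample


if __name__ == "__main__":
    print("recovered after single-disk failure:", demo())
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", usable_capacity([500] * 4, 2), "GB")
```

A second simultaneous failure leaves each stripe with two unknowns and only one parity equation, which is why `read_raid5` refuses to continue and why backups are still needed alongside RAID.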
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational centers
in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular
because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
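Added example (not part of the original slides): a Python sketch of the PARITY technique and the RAID-5 "block level striping with distributed parity" layout, showing how one failed disk is rebuilt by XOR and how the "size of smallest drive*(no. of drives-1)" capacity rule works out. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks: the redundancy calculated from the data values."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity moves one disk to the left on every stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks over n_disks, one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    The XOR of all blocks in a stripe (data plus parity) is zero, so the
    missing block equals the XOR of the remaining ones, whether it held
    data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(disks, length):
    """Read data back; a failed disk is represented by None (degraded mode)."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 cannot recover from more than one failed disk")
    if failed:
        disks = list(disks)
        disks[failed[0]] = raid5_rebuild(disks, failed[0])
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity following the figures on the RAID LEVELS slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("drive count not valid for RAID-%d" % level)
    return {
        0: smallest * n,        # striping only: 100% efficiency, no redundancy
        1: smallest,            # mirror pair: 50% efficiency
        5: smallest * (n - 1),  # one drive's worth of parity
        6: smallest * (n - 2),  # two drives' worth of parity
    }[level]


if __name__ == "__main__":
    # Constructed sample data, not taken from the slides.
    payload = b"constructed sample ledger records for the RAID-5 demo"
    array = raid5_write(payload, n_disks=4, block_size=8)
    array[2] = None  # simulate the loss of one disk
    print(raid5_read(array, len(payload)) == payload)
    print(usable_capacity(5, [500, 500, 400, 500]), "GB usable")
```

Losing a second disk makes `raid5_read` raise, which is the fault-tolerance limit that RAID-6 addresses with its second parity block.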
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 76
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
[Table: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E); rankings shown: High, Moderate, Very High, Low, Very Low]
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that,
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Likelihood Vulnerability Measure
Cost of Threat
C
of Risk
A Occurrence
D
B
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
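The striping, parity and array-capacity points from the RAID slides above, worked through as an added example (not part of the original slides): a toy RAID-4 layout with three data drives and one dedicated parity drive at the 16 KiB stripe size used in the illustrations, where any single failed drive is rebuilt by XOR-ing the survivors. All function names and the sample data are constructed for illustration; the RAID-0 and RAID-1 capacity rules assume the smallest drive limits each member.

```python
"""Toy RAID model: block striping, XOR parity, single-drive rebuild, capacity.

Added illustration; names and sample data are constructed, not from the slides.
"""
import hashlib

STRIPE = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations

# Minimum drive counts as stated on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}

# Constructed sample: 4 + 20 + 100 + 500 KiB of pseudo-random "file" data.
FILE_SIZES_KIB = (4, 20, 100, 500)
SAMPLE = hashlib.shake_128(b"constructed sample").digest(sum(FILE_SIZES_KIB) * 1024)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def stripe_raid4(data, n_drives=4, stripe=STRIPE):
    """Block-stripe data over n_drives-1 data drives plus one parity drive.

    Returns a list of drives, each a list of stripe-sized blocks; the last
    drive holds the parity block of every row.
    """
    if n_drives < MIN_DRIVES[4]:
        raise ValueError("RAID-4 needs at least 3 drives")
    n_data = n_drives - 1
    row_bytes = n_data * stripe
    # Zero-pad so the data fills whole rows.
    padded = data + bytes(-len(data) % row_bytes)
    drives = [[] for _ in range(n_drives)]
    for off in range(0, len(padded), row_bytes):
        row = [padded[off + i * stripe: off + (i + 1) * stripe]
               for i in range(n_data)]
        for i, block in enumerate(row):
            drives[i].append(block)
        drives[-1].append(xor_blocks(row))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def read_back(drives, length):
    """Reassemble the original byte stream from the data drives."""
    rows = zip(*drives[:-1])
    return b"".join(b"".join(row) for row in rows)[:length]


def array_capacity(level, drive_sizes):
    """Usable capacity per the slides: smallest drive * (n-1), or (n-2) for RAID-6."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DRIVES or n < MIN_DRIVES[level]:
        raise ValueError(f"RAID-{level}: unsupported level or too few drives")
    if level == 1 and n != 2:
        raise ValueError("RAID-1 on the slides uses exactly 2 drives")
    if level == 0:
        return smallest * n          # no redundancy (assumption: smallest limits all)
    if level == 1:
        return smallest              # 50% efficiency with identical drives
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    drives = stripe_raid4(SAMPLE)
    print("blocks per drive:", len(drives[0]))
    for failed in range(len(drives)):
        ok = rebuild_drive(drives, failed) == drives[failed]
        print(f"drive {failed} lost -> rebuilt correctly: {ok}")
    print("RAID-5, 4 x 500 GB usable:", array_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", array_capacity(6, [500] * 4), "GB")
```

A single parity block per row can only stand in for one missing block, which is why the slides list RAID-6 (two parity blocks) separately for tolerance of a second failure.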
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 78
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats, which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit the consequences of a malicious cyber incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
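Added example (not part of the original slides): block level striping with distributed XOR parity as described for RAID-5, the rebuild of one lost disk from the survivors, and the array capacity formulas quoted on the RAID level slides. Function names, the parity rotation order, the block size and the sample data are assumptions made for this illustration.

```python
"""RAID-5 style striping with distributed XOR parity, single-disk rebuild,
and the usable-capacity formulas from the RAID level slides.
All names and sample values are constructed for this example."""
from functools import reduce


def xor_blocks(blocks):
    """Parity: bytewise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Rotate parity across the disks (assumed order: last disk first)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, block_size):
    """Return one list of blocks per disk; each stripe row holds
    n_disks-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_row)  # zero-fill last stripe
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[start + i * block_size:start + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping the parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def raid5_rebuild(disks):
    """A lost disk is marked None. Every missing block is the XOR of the
    surviving blocks in the same row. Two losses exceed single parity."""
    lost = [i for i, d in enumerate(disks) if d is None]
    if len(lost) > 1:
        raise ValueError("single parity cannot recover %d lost disks" % len(lost))
    if not lost:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def usable_capacity(level, drive_sizes):
    """Capacity per the slides: smallest drive * (drives - parity drives).
    RAID-0 with unequal drives is assumed to use smallest * drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}  # level: (minimum disks, data drives)
    minimum, data_drives = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("RAID-%d is not possible with %d disks" % (level, n))
    return smallest * data_drives


if __name__ == "__main__":
    sample = b"inventory ledger: constructed sample data"
    array = raid5_write(sample, n_disks=4, block_size=4)
    damaged = list(array)
    damaged[2] = None  # simulate the failure of one disk
    repaired = raid5_rebuild(damaged)
    print("rebuilt disk matches:", repaired[2] == array[2])
    print("data intact:", raid5_read(repaired, len(sample)) == sample)
    print("RAID-5 capacity, 3 drives of 500/500/400:",
          usable_capacity(5, [500, 500, 400]))
```

Fault tolerance here covers disk failure only; parity is recomputed over whatever is written, so deleted or corrupted files are not recoverable from it.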
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 79
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
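The parity technique and the RAID-5 layout from the slides above, as an added worked example (not part of the original presentation): data is striped in blocks with rotating XOR parity, one drive is lost, and its contents are rebuilt from the survivors. The function names, the in-memory "drives", the 4-byte block size, the zero padding and the parity rotation order are assumptions chosen for readability; the capacity function follows the slides' formula, size of smallest drive * (no. of drives - 1), or - 2 for RAID-6.

```python
from functools import reduce

# Constructed sample payload (not from the slides).
SAMPLE = b"ledger 2024: invoices, payroll, stock counts"


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe_no, n_drives):
    """Drive index holding parity for a stripe; rotates so no drive is a hotspot.

    The rotation order (last drive first, then moving left) is an assumption.
    """
    return (n_drives - 1 - stripe_no) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data over n_drives with distributed parity.

    Returns a list of drives; each drive is a list of blocks, one per stripe.
    """
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 drives")
    data_blocks = n_drives - 1                      # one block per stripe is parity
    stripe_bytes = data_blocks * block_size
    padded = data + bytes(-len(data) % stripe_bytes)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(data_blocks)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive(s, n_drives):
                drives[d].append(parity)
            else:
                drives[d].append(next(remaining))
    return drives


def raid5_rebuild(drives, failed):
    """Recreate the failed drive: each lost block is the XOR of the surviving
    blocks in the same stripe, whether the lost block held data or parity."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID 5 tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block in each stripe."""
    n_drives = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_drive(s, n_drives):
                out += drives[d][s]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Usable capacity: smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches RAID 3/4/5 on the slides, 2 matches RAID 6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4, block_size=4)
    damaged = list(array)
    damaged[1] = None                               # simulate a single drive failure
    damaged[1] = raid5_rebuild(damaged, failed=1)
    print("recovered intact:", raid5_read(damaged, len(SAMPLE)) == SAMPLE)
    print("usable GB from 4 x 500 GB:", array_capacity([500] * 4))
```

A second simultaneous failure leaves the XOR equation with two unknowns, which is why the rebuild refuses it and why RAID is a fault-tolerance measure rather than a substitute for the backups covered elsewhere in the deck.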
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 80
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                Allowable Outage Time
Authentication Server  User could not access Inventory System       8 hours
Database Server        User could not access Inventory System       8 hours
E-mail Server          User could not send e-mail                   2 days
5 Desktop Computers    User could not access Inventory System       8 hours
Hub                    User could not access Inventory System       8 hours
Network Cabling        User could not access Inventory System       8 hours
Electric Power         User could not access Inventory System       8 hours
Printer                User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Likelihood Vulnerability Measure
Cost of Threat
C
of Risk
A Occurrence
D
B
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
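The parity and RAID-5 slides above, worked through as an added Python example (not part of the original slides): data is striped in blocks with XOR parity rotated across the disks, one lost disk is rebuilt from the survivors, and a second loss is refused. The function names, the 4-byte block size, the parity rotation order and the sample record are assumptions made for the illustration.

```python
from functools import reduce

# Constructed sample record for the demo; not data from the slides.
SAMPLE = b"ACCT-0001 debit 1500.00; ACCT-0002 credit 1500.00"


def xor_blocks(blocks):
    """Parity operation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Which disk holds parity for a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data in blocks across n_disks with distributed parity.

    Returns a list of disks; each disk is a list with one block per stripe.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                disks[disk].append(parity)
            else:
                disks[disk].append(next(remaining))
    return disks


def rebuild(disks, failed):
    """Recompute the blocks of a failed disk from the surviving disks.

    In every stripe the XOR of all blocks (data and parity) is zero, so a
    missing block equals the XOR of the others, whether it held data or parity.
    """
    failed = set(failed)
    if len(failed) > 1:
        raise RuntimeError(
            "RAID-5 tolerates one failed disk; %d were lost" % len(failed))
    if not failed:
        return list(disks)
    (lost,) = failed
    survivors = [d for i, d in enumerate(disks) if i != lost]
    repaired = list(disks)
    repaired[lost] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return repaired


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    array = write_raid5(SAMPLE, n_disks=4, block_size=4)
    damaged = list(array)
    damaged[2] = None                      # simulate one dead drive
    restored = rebuild(damaged, failed=[2])
    print(read_raid5(restored, len(SAMPLE)) == SAMPLE)
    print(array_capacity([500, 500, 500, 500]))     # RAID-5, sizes in GB
    print(array_capacity([500, 500, 500, 500], 2))  # RAID-6 formula
```
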
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
[Table values, in extraction order: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1]
Risk Ranking (E) values shown: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
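Which media must be retrieved for a restore, and how far one unreadable tape sets the restore point back, depends on which of these techniques is in use. This is an added example, not from the original slides; the `Backup` record, the `readable` flag, the media labels and the sample week are constructed, and it assumes an incremental holds changes since the last full or incremental while a differential holds changes since the last full.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Backup:
    label: str             # media label (hypothetical naming scheme)
    taken: date
    kind: str              # "full", "incremental" or "differential"
    readable: bool = True  # outcome of the last verify/test restore


def restore_plan(catalog, target):
    """Return (media labels to retrieve in order, achievable restore point).

    Picks the latest readable full at or before `target`, then the latest
    readable differential of that cycle, then every incremental after it
    until the first unreadable one, where the chain breaks.
    """
    history = sorted((b for b in catalog if b.taken <= target),
                     key=lambda b: b.taken)
    fulls = [b for b in history if b.kind == "full" and b.readable]
    if not fulls:
        return [], None
    base = fulls[-1]

    # Backups belonging to the base's cycle. A later full can only be an
    # unreadable one, and everything after it depends on it, so stop there.
    cycle = []
    for b in history:
        if b.taken <= base.taken:
            continue
        if b.kind == "full":
            break
        cycle.append(b)

    chain = [base]
    diffs = [b for b in cycle if b.kind == "differential" and b.readable]
    if diffs:
        chain.append(diffs[-1])
    for b in cycle:
        if b.kind != "incremental" or b.taken <= chain[-1].taken:
            continue
        if not b.readable:
            break              # later incrementals cannot be applied
        chain.append(b)
    return [b.label for b in chain], chain[-1].taken


def sample_week(kind, unreadable=()):
    """Constructed catalog: full on 2024-03-03, one `kind` backup on 4-7 March."""
    catalog = [Backup("FULL-0303", date(2024, 3, 3), "full")]
    for day in range(4, 8):
        label = f"{kind[:4].upper()}-03{day:02d}"
        catalog.append(Backup(label, date(2024, 3, day), kind,
                              label not in unreadable))
    return catalog


if __name__ == "__main__":
    target = date(2024, 3, 7)
    for kind, bad in (("incremental", "INCR-0305"), ("differential", "DIFF-0307")):
        print(kind, restore_plan(sample_week(kind), target))
        print(kind, "with", bad, "unreadable:",
              restore_plan(sample_week(kind, {bad}), target))
```

In the sample week, one unreadable incremental costs three days of data, while one unreadable differential costs one day and the restore never needs more than two media.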
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
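Added example, not part of the original slides: a toy Python model of the parity technique and the "size of smallest drive*(no. of drives-N)" capacity formula quoted on the RAID-3 to RAID-6 slides, showing that XOR parity lets a RAID-5 array rebuild any one failed disk and refuses a second failure. The function names, the 4-byte block size, the parity rotation order and the sample payload are assumptions made for the illustration.

```python
"""RAID-5 toy model: block striping, rotating XOR parity, single-disk rebuild."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy size, real arrays use KiB-sized stripes
PARITY_DRIVES = {"3": 1, "4": 1, "5": 1, "6": 2}  # drives' worth of space used by parity
MIN_DISKS = {"3": 3, "4": 3, "5": 3, "6": 4}      # minimum disk counts quoted on the slides


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < MIN_DISKS[level]:
        raise ValueError(f"RAID-{level} needs at least {MIN_DISKS[level]} disks")
    return min(drive_sizes) * (len(drive_sizes) - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Return one list of blocks per disk; each stripe has n-1 data blocks + parity."""
    if n_disks < MIN_DISKS["5"]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        remaining = iter(data_blocks)
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                disks[d].append(xor_blocks(data_blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def rebuild(disks):
    """Replace the single failed disk (marked None) using XOR of the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    if failed:
        survivors = [d for d in disks if d is not None]
        disks[failed[0]] = [xor_blocks([d[s] for d in survivors])
                            for s in range(len(survivors[0]))]
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk_for(stripe, len(disks)):
                out += disks[d][stripe]
    return bytes(out[:length])


def survives_loss_of(data, n_disks, lost):
    """Write, drop disk `lost`, rebuild, and report whether the data reads back intact."""
    disks = write_raid5(data, n_disks)
    disks[lost] = None
    return read_raid5(rebuild(disks), len(data)) == data


SAMPLE = b"constructed sample: general ledger batch 0001"  # constructed input

if __name__ == "__main__":
    print([survives_loss_of(SAMPLE, 4, lost) for lost in range(4)])
    print(usable_capacity("5", [500, 500, 500, 400]), "GB usable on RAID-5")
```

Because the parity block is the XOR of the data blocks in its stripe, the XOR of every block in a stripe is zero, which is why any one missing block equals the XOR of the rest.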
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
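The RAID-5 slides above (block-level striping with distributed parity, four disks, 16 kiB stripe size, capacity of smallest drive times drives minus one), worked through as an added Python example that is not part of the original slides. It assumes XOR as the parity calculation and a parity position that starts on the last disk and moves left on each stripe; the slides say only that parity is redundancy information calculated from the actual data values, and all function names are hypothetical.

```python
"""RAID-5 sketch: block-level striping with distributed (rotating) XOR parity."""

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide's illustration
NUM_DISKS = 4            # four-disk array, as in the slide's illustration


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks (assumed parity function)."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(stripe_no, num_disks=NUM_DISKS):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (num_disks - 1 - stripe_no) % num_disks


def usable_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def raid5_write(data, num_disks=NUM_DISKS, unit=STRIPE_UNIT):
    """Stripe data over the disks; returns (disks, original length)."""
    per_stripe = (num_disks - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(num_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity = xor_blocks(blocks)
        p = parity_disk(stripe_no, num_disks)
        data_blocks = iter(blocks)
        for d in range(num_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks, len(data)


def raid5_read(disks, length):
    """Reassemble the data, skipping the parity block of every stripe."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk(stripe_no, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[stripe_no]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recreate one lost disk: each missing block is the XOR of the survivors."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def scrub(disks):
    """Return stripe numbers whose blocks no longer XOR to zero (corruption)."""
    return [n for n, stripe in enumerate(zip(*disks)) if any(xor_blocks(stripe))]


if __name__ == "__main__":
    # Constructed sample data: four "files" with the sizes from the illustration.
    data = b"".join(bytes([i]) * (kib * 1024)
                    for i, kib in enumerate((4, 20, 100, 500), start=1))
    disks, length = raid5_write(data)
    disks[2] = None                      # simulate the loss of one drive
    disks[2] = rebuild_disk(disks, 2)    # rebuild it from the other three
    print("data intact after rebuild:", raid5_read(disks, length) == data)
    print("stripes failing scrub:", scrub(disks))
    print("usable KiB from four 500 KiB drives:", usable_capacity([500] * 4))
```

A single failed disk is always recoverable because every stripe XORs to zero across all four disks; losing a second disk before the rebuild finishes leaves two unknowns per stripe and the data is gone, which is why the array does not replace backups.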
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 83
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
[Table of per-asset scores]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational centers
in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
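Added example, not part of the original slides: block-level striping with distributed parity as listed for RAID-5, including the rebuild of a single failed disk and the array capacity formula given on the slides. The XOR parity function (the slides do not name one), the 4-byte block size, the rotation order, all function names and the sample data are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; constructed small value (the slides' figures use 16 kiB)


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: move the parity block one disk over on every row."""
    return (n_disks - 1 - row) % n_disks


def write_array(data, n_disks):
    """Stripe data in blocks over n_disks, storing one parity block per row."""
    if n_disks < 3:
        raise ValueError("striping with parity needs a minimum of 3 disks")
    row_bytes = (n_disks - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * BLOCK:start + (i + 1) * BLOCK]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        p = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_blocks))
    return disks


def rebuild(disks):
    """Return a repaired copy of the array; a failed disk is marked as None.

    XOR of all surviving blocks in a row yields the missing block, whether
    the lost block held data or parity. Two lost disks cannot be recovered.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    repaired = list(disks)
    repaired[failed[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk_for(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Fail each disk of a four-disk array in turn and check the data survives."""
    data = b"ledger 2024-Q1: closing balances"  # constructed sample data
    disks = write_array(data, 4)
    results = {}
    for failed in range(4):
        degraded = list(disks)
        degraded[failed] = None  # simulate the loss of one disk
        results[failed] = read_array(rebuild(degraded), len(data)) == data
    return results


if __name__ == "__main__":
    print(demo())
    print(array_capacity([500, 500, 500, 400]))                    # one parity drive
    print(array_capacity([500, 500, 500, 500], parity_drives=2))   # dual parity
```

With `parity_drives=2` the capacity function matches the RAID-6 formula on the next slide; the rebuild routine itself models single parity only.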
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to
multiple server sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self-developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have a backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Information Technology Infrastructure Library
A collection of best practices in IT service management
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
SAS 70
Internationally recognized auditing standard for service organizations
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
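An added example, not part of the original slides: a Python sketch of RAID 5 as described above (block-level striping with distributed parity, four disks, 16 kiB stripe size) that rebuilds any single failed disk from XOR parity. The parity rotation order, the function names and the sample data are assumptions made for illustration.

```python
"""RAID 5 sketch (added example): block-level striping with distributed parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024   # 16 kiB stripe size, as in the slide's illustration
N_DISKS = 4               # four-disk array, as in the slide's illustration


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks=N_DISKS):
    """Disk that holds parity for a stripe row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def usable_capacity(drive_sizes):
    """Array capacity from the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def write_array(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Stripe data across the disks; returns one list of blocks per disk."""
    row_bytes = (n_disks - 1) * unit                # data capacity of one stripe row
    padded = data + bytes(-len(data) % row_bytes)   # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row in range(len(padded) // row_bytes):
        chunk = padded[row * row_bytes:(row + 1) * row_bytes]
        units = [chunk[i:i + unit] for i in range(0, row_bytes, unit)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for disk in range(n_disks):
            is_parity = disk == parity_disk(row, n_disks)
            disks[disk].append(parity if is_parity else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    In each row the XOR of all blocks (data and parity) is zero, so the
    missing block equals the XOR of the survivors, whether it held data
    or parity.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]


def read_array(disks, length, n_disks=N_DISKS):
    """Reassemble the original byte stream, skipping parity blocks."""
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


def survive_failure(data, failed):
    """Write data, lose one disk, rebuild it, and read the data back."""
    disks = write_array(data)
    disks[failed] = None                       # simulate the drive failure
    disks[failed] = rebuild_disk(disks, failed)
    return read_array(disks, len(data))


if __name__ == "__main__":
    # Constructed sample: a 100 kiB "file", the size of the green file on the slide.
    sample = bytes(i % 251 for i in range(100 * 1024))
    for failed_disk in range(N_DISKS):
        ok = survive_failure(sample, failed_disk) == sample
        print(f"disk {failed_disk} failed -> data recovered: {ok}")
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Losing two disks at once leaves two unknowns per row and a single parity equation, which is why the slides list dual distributed parity (RAID-6) as the next level of fault tolerance.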
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
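Added worked example (not part of the original slides): block-level striping with distributed parity as listed for RAID-5, showing how a failed drive is rebuilt from the survivors, plus the array-capacity formulas from the RAID level slides. The 4-byte stripe unit, the parity rotation order and all function names are assumptions made for illustration.

```python
"""RAID-5 in miniature: block-level striping with distributed parity.

Constructed teaching example. The 4-byte stripe unit and the parity rotation
order are assumptions for illustration; real arrays use units such as 16 KiB.
"""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block (assumed, kept tiny so output is readable)
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}  # minimums from the slides


def xor_blocks(blocks):
    """Bytewise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe_no, n_drives):
    """Drive holding parity for a stripe; it rotates from stripe to stripe."""
    return (n_drives - 1 - stripe_no) % n_drives


def raid5_write(data, n_drives):
    """Stripe data over n_drives, returning one list of blocks per drive."""
    if n_drives < MIN_DRIVES[5]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * STRIPE_UNIT
    padded = data + b"\0" * (-len(data) % stripe_bytes)  # fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i:i + STRIPE_UNIT]
                  for i in range(0, stripe_bytes, STRIPE_UNIT)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive(s, n_drives):
                drives[d].append(xor_blocks(blocks))   # parity of this stripe
            else:
                drives[d].append(next(data_blocks))
    return drives


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_drives = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_drive(s, n_drives):
                out += drives[d][s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute a failed drive: each lost block is the XOR of the survivors.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe (data plus parity) is zero.
    """
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas given on the RAID level slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DRIVES:
        raise ValueError("level not covered by this example")
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for RAID-%d" % level)
    if level == 0:
        return smallest * n          # striping only: 100% efficiency
    if level == 1:
        return smallest              # mirrored pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


if __name__ == "__main__":
    record = b"ACCT-0001 debit 150.00; ACCT-0002 credit 150.00"  # constructed
    array = raid5_write(record, 4)
    lost = 1                                   # simulate failure of drive 1
    replacement = rebuild_drive(array, lost)
    array[lost] = replacement
    print(raid5_read(array, len(record)) == record)
    print(usable_capacity(5, [500, 500, 500, 500]))
```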
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
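Added example (not part of the original slides): a short Python cross-check of the Outage Impact & Allowable Outage Times table against the Develop Recovery Priorities table. It lists resources that appear in one table but not the other, and any case where a resource with a shorter allowable outage is given a lower priority than one with a longer allowable outage. The name matching (ignoring counts, bracketed notes and plurals) and the inversion rule are assumptions of this example, not rules stated on the slides.

```python
import re

# Rows from the "Outage Impact & Allowable Outage Times" slide:
# (resource, allowable outage time).
BIA = [
    ("Authentication Server", "8 hours"),
    ("Database Server", "8 hours"),
    ("E-mail Server", "2 days"),
    ("5 Desktop Computers", "8 hours"),
    ("Hub", "8 hours"),
    ("Network Cabling", "8 hours"),
    ("Electric Power", "8 hours"),
    ("Printer", "4 days"),
]

# Rows from the "Develop Recovery Priorities" slide: (resource, priority).
PRIORITIES = [
    ("Authentication Server", "High"),
    ("Database Server", "High"),
    ("5 Desktop Computers", "High"),
    ("1 Hub", "High"),
    ("E-mail Server", "Medium"),
    ("Printer", "Medium"),
    ("Remaining Desktop Computers (45)", "Low"),
    ("Remaining Hub (5)", "Low"),
]

RANK = {"High": 0, "Medium": 1, "Low": 2}


def outage_hours(text):
    """Convert '8 hours' or '2 days' to a number of hours."""
    m = re.fullmatch(r"(\d+)\s*(hour|day)s?", text.strip().lower())
    if m is None:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(m.group(1)) * (24 if m.group(2) == "day" else 1)


def resource_key(name):
    """Normalise a name so '1 Hub' and 'Hub' compare equal.

    Assumption of this example: counts, bracketed notes and a plural
    's' are not part of a resource's identity.
    """
    name = re.sub(r"\(.*?\)", " ", name.lower())
    words = re.findall(r"[a-z][a-z-]*", name)
    return " ".join(re.sub(r"s$", "", w) for w in words)


def audit(bia, priorities):
    """Cross-check allowable outage times against recovery priorities."""
    hours = {resource_key(n): (n, outage_hours(t)) for n, t in bia}
    ranks = {}
    for name, priority in priorities:
        if priority not in RANK:
            raise ValueError(f"unknown priority: {priority!r}")
        ranks[resource_key(name)] = (name, RANK[priority])

    # Resources analysed in the BIA but never given a recovery priority.
    no_priority = [n for k, (n, _) in hours.items() if k not in ranks]
    # Resources given a priority without any allowable outage time.
    no_bia = [n for k, (n, _) in ranks.items() if k not in hours]

    matched = [(hours[k][0], hours[k][1], ranks[k][1])
               for k in hours if k in ranks]
    # Inversion: a tolerates less downtime than b, yet is ranked lower.
    inversions = [
        (a, b)
        for a, a_hours, a_rank in matched
        for b, b_hours, b_rank in matched
        if a_hours < b_hours and a_rank > b_rank
    ]
    # Suggested order: by priority, then by shortest allowable outage.
    order = [n for n, _, _ in sorted(matched, key=lambda r: (r[2], r[1]))]
    return {
        "no_priority": no_priority,
        "no_bia": no_bia,
        "inversions": inversions,
        "recovery_order": order,
    }


if __name__ == "__main__":
    for finding, values in audit(BIA, PRIORITIES).items():
        print(f"{finding}: {values}")
```

On the slide data the check reports no inversions, but Network Cabling and Electric Power have allowable outage times and no recovery priority.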
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
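An added example (not part of the original slides): a small model of block-level striping with distributed XOR parity, showing how a single failed disk is rebuilt from the survivors and why a second failure is not recoverable, together with the array-capacity formulas from the RAID-3/4/5/6 slides. The parity rotation order, function names and sample data are assumptions made for illustration.

```python
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - 1) or (drives - 2)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level in (3, 4, 5):
        if n < 3:
            raise ValueError("RAID-3/4/5 need a minimum of 3 hard disks")
        return smallest * (n - 1)
    if level == 6:
        if n < 4:
            raise ValueError("RAID-6 needs a minimum of 4 hard disks")
        return smallest * (n - 2)
    raise ValueError("only the parity levels 3, 4, 5 and 6 are modelled here")


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe holds n_disks-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks, out = len(disks), bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def demo():
    """Fail disk 2 of a four-disk array, rebuild it, and verify the data."""
    data = b"constructed sample: ledger rows 0001-0040 for the inventory system"
    disks = write_raid5(data, n_disks=4, block_size=8)
    original = disks[2]
    disks[2] = None                      # simulated drive failure
    disks[2] = rebuild_disk(disks, 2)    # rebuilt from the three survivors
    return disks[2] == original and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", usable_capacity(6, [500] * 4), "GB usable")
```
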
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 87
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization’s employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
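Added example, not part of the original slides: a small Python model of RAID-5 block-level striping with distributed parity. It shows why one failed disk can be rebuilt from the survivors while a second failure cannot, and applies the slides' capacity formula. The 16-byte block size, the parity rotation order, the sample payload and all function names are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 16  # assumed block (stripe unit) size in bytes, kept tiny for readability


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the RAID-5 parity function."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Move the parity block one disk to the left on each stripe (assumed layout)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block=BLOCK):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity = xor_blocks(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of the failed disk as the XOR of the surviving disks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    payload = bytes(range(100))  # constructed sample data
    disks = raid5_write(payload, n_disks=4)
    # Any single disk can be lost and rebuilt bit-for-bit.
    single_ok = all(raid5_rebuild(disks, f) == disks[f] for f in range(4))
    # Second failure: disk 1 is also gone (modelled as zeros), so the
    # rebuild of disk 0 no longer matches what was written.
    degraded = [list(blocks) for blocks in disks]
    degraded[1] = [bytes(BLOCK)] * len(disks[1])
    double_ok = raid5_rebuild(degraded, 0) == disks[0]
    return {
        "read_back_ok": raid5_read(disks, len(payload)) == payload,
        "single_failure_recoverable": single_ok,
        "double_failure_recoverable": double_ok,
        "raid5_capacity_4x500": array_capacity([500] * 4),
        "raid6_capacity_4x500": array_capacity([500] * 4, parity_drives=2),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

For disaster recovery planning the point is that RAID-5 covers exactly one disk failure per array, so it complements backups rather than replacing them.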
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 89
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
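Added example (not part of the original slides): a small Python model of the RAID-5 technique above, block-level striping with distributed parity. It shows that XOR parity rebuilds one failed drive, that a second failure is not recoverable, and that usable capacity follows the slide's formula. The 4-byte stripe unit, the function names and the sample payload are assumptions made for illustration.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity.

Added illustration only; names, the tiny stripe unit and the sample data are
assumptions, and real arrays do this in a controller or in the kernel.
"""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block (assumption; the slide's figure uses 16 kiB)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks together, byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(stripe_no, n_drives):
    """Rotate the parity block so that no single drive holds all the parity."""
    return (n_drives - 1 - stripe_no) % n_drives


def write_raid5(data, n_drives):
    """Stripe data over n_drives; each stripe gets one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = STRIPE_UNIT * (n_drives - 1)
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe_no, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        blocks.insert(parity_position(stripe_no, n_drives), xor_blocks(blocks))
        for drive, block in zip(drives, blocks):
            drive.append(block)
    return drives


def rebuild(drives):
    """Recreate a failed drive (marked None) by XOR-ing the surviving drives."""
    lost = [i for i, drive in enumerate(drives) if drive is None]
    if len(lost) > 1:
        raise RuntimeError("single parity cannot recover %d failed drives" % len(lost))
    if lost:
        survivors = [drive for drive in drives if drive is not None]
        drives[lost[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return drives


def read_raid5(drives, length):
    """Read the data blocks back in order, skipping each stripe's parity block."""
    n_drives = len(drives)
    out = bytearray()
    for stripe_no in range(len(drives[0])):
        skip = parity_position(stripe_no, n_drives)
        for i in range(n_drives):
            if i != skip:
                out += drives[i][stripe_no]
    return bytes(out[:length])


def survives_single_failure(payload, n_drives, failed):
    """Write, lose one drive, rebuild, and report whether the data is intact."""
    drives = write_raid5(payload, n_drives)
    drives[failed] = None
    return read_raid5(rebuild(drives), len(payload)) == payload


if __name__ == "__main__":
    sample = b"ledger: accounts payable 2024-Q1"  # constructed sample data
    for failed in range(4):
        print("drive", failed, "lost, data intact:",
              survives_single_failure(sample, 4, failed))
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```
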
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource                Outage Impact                               Allowable Outage Time
Authentication Server   User could not access Inventory System      8 hours
Database Server         User could not access Inventory System      8 hours
E-mail Server           User could not send e-mail                  2 days
5 Desktop Computers     User could not access Inventory System      8 hours
Hub                     User could not access Inventory System      8 hours
Network Cabling         User could not access Inventory System      8 hours
Electric Power          User could not access Inventory System      8 hours
Printer                 User could not produce Inventory Reports    4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D): A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
The idea of a DRP is to think before the event
actually happens:
How likely is the event?
What can be done when it happens?
What can be done to lessen its
likelihood?
What can be done to prepare for these
events?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
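The parity and block-striping techniques on the RAID slides above, together with their capacity rule "Size of smallest drive*(no. of drives-1)", as an added Python example that is not part of the original slides: a toy RAID-5 array that stripes a constructed record across four in-memory "disks", rebuilds any single failed disk from XOR parity (the usual RAID-5 parity calculation), and computes usable capacity. The function names, the 4-byte stripe unit and the sample data are assumptions made for illustration.

```python
from functools import reduce

UNIT = 4  # bytes per stripe unit; constructed and tiny so the layout is easy to inspect
SAMPLE = b"constructed ledger record #42"  # constructed sample data


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Distributed parity: the parity block sits on a different disk in each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit=UNIT):
    """Stripe data in blocks across n_disks, adding one parity block per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    row_bytes = unit * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * unit:start + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk(row, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Rebuild one failed disk (marked None) by XOR-ing the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity tolerates only one failed disk")
    if not failed:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks([d[row] for d in survivors])
               for row in range(len(survivors[0]))]
    repaired = list(disks)
    repaired[failed[0]] = rebuilt
    return repaired


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives):
    """Slides' rule: size of smallest drive * (no. of drives - parity drives).

    parity_drives is 0 for RAID-0, 1 for RAID-3/4/5 and 2 for RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    disks = raid5_write(SAMPLE, 4)
    for i, blocks in enumerate(disks):
        print("disk", i, blocks)
    degraded = list(disks)
    degraded[1] = None  # simulate the loss of disk 1
    print(raid5_read(raid5_rebuild(degraded), len(SAMPLE)))
    print(array_capacity([500, 500, 500, 400], 1), "GB usable as RAID-5")
```

Losing two disks at once raises an error here, which is the limit of single parity and the reason the RAID-6 slide lists dual parity with a capacity of (no. of drives-2).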
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 91
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
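The outage-time, recovery-priority and site-selection slides fit together as one calculation; the Python below is an added example, not part of the original deck. The site activation times and the High/Medium cut-offs are assumptions chosen for illustration (the deck gives only Long/Medium/Short and "several weeks"), and all function names are hypothetical.

```python
from datetime import timedelta

# Allowable outage per business function, as read from the deck's
# "Outage Impact & Allowable Outage Times" slide.
FUNCTION_TOLERANCE = {
    "access Inventory System": timedelta(hours=8),
    "send e-mail": timedelta(days=2),
    "produce Inventory Reports": timedelta(days=4),
}

# Resource -> functions that stop when it is down (the "Outage Impact" column).
RESOURCE_IMPACT = {
    "Authentication Server": ["access Inventory System"],
    "Database Server": ["access Inventory System"],
    "E-mail Server": ["send e-mail"],
    "5 Desktop Computers": ["access Inventory System"],
    "Hub": ["access Inventory System"],
    "Network Cabling": ["access Inventory System"],
    "Electric Power": ["access Inventory System"],
    "Printer": ["produce Inventory Reports"],
}

# ASSUMPTION: illustrative activation times. The deck only rates setup time
# as Long / Medium / Short / None and says cold sites take "several weeks".
SITE_ACTIVATION = {
    "Mirrored Site": timedelta(0),
    "Hot Site": timedelta(hours=4),
    "Warm Site": timedelta(days=3),
    "Cold Site": timedelta(weeks=3),
}

# ASSUMPTION: cut-offs chosen so the result matches the deck's High/Medium labels.
PRIORITY_BANDS = [(timedelta(hours=8), "High"), (timedelta(days=4), "Medium")]


def allowable_outage(resource, impact=RESOURCE_IMPACT):
    """A resource inherits the strictest tolerance of the functions it supports."""
    return min(FUNCTION_TOLERANCE[f] for f in impact[resource])


def recovery_priority(outage):
    """Map an allowable outage time to a High / Medium / Low recovery priority."""
    for limit, label in PRIORITY_BANDS:
        if outage <= limit:
            return label
    return "Low"


def recovery_order(impact=RESOURCE_IMPACT):
    """Resources sorted by allowable outage, shortest first (ties keep table order)."""
    rows = [(r, allowable_outage(r, impact)) for r in impact]
    rows.sort(key=lambda row: row[1])
    return [(r, t, recovery_priority(t)) for r, t in rows]


def sites_meeting(resource, impact=RESOURCE_IMPACT):
    """Recovery alternatives whose activation time fits inside the allowable outage."""
    limit = allowable_outage(resource, impact)
    fits = [(t, s) for s, t in SITE_ACTIVATION.items() if t <= limit]
    return [s for t, s in sorted(fits)]


if __name__ == "__main__":
    for resource, outage, priority in recovery_order():
        hours = int(outage.total_seconds() // 3600)
        sites = ", ".join(sites_meeting(resource))
        print(f"{resource:22} {hours:>3} h  {priority:6}  {sites}")
```

With these assumed activation times, a cold site never fits inside any allowable outage in the table, and a warm site fits only the printer.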
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
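Added example, not part of the original slides: a small Python model of the striping and parity techniques described above, showing RAID-5 block striping with distributed XOR parity, recovery of data with one disk missing, and the array capacity formulas from the RAID level slides. The 4-byte block size, the parity rotation order, all function and class names, and the sample payload are assumptions made for the illustration.

```python
"""RAID-5 in miniature: block striping, rotating XOR parity, one-disk recovery."""
from functools import reduce

BLOCK = 4  # bytes per block (constructed; tiny so stripes are easy to inspect)
SAMPLE = b"INV-001,42;INV-002,17;INV-003,8;INV-004,130"  # constructed payload


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(level, drive_sizes):
    """Usable capacity using the slides' formulas (all sizes in one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:
        return smallest * n          # striping only, no redundancy
    if level == 1:
        return smallest              # mirrored pair, 50% efficiency
    if level in (3, 4, 5):
        return smallest * (n - 1)    # one drive's worth of parity
    if level == 6:
        return smallest * (n - 2)    # dual parity
    raise ValueError(f"RAID-{level} is not covered by this example")


class Raid5:
    def __init__(self, n_disks):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 disks")
        self.n = n_disks
        self.disks = [[] for _ in range(n_disks)]  # disk index -> list of blocks
        self.stripes = 0
        self.length = 0

    def parity_disk(self, stripe):
        """Distributed parity: the parity block moves one disk per stripe."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Replace the array contents with data (one-shot write for the demo)."""
        per_stripe = BLOCK * (self.n - 1)
        self.length = len(data)
        self.stripes = -(-len(data) // per_stripe)          # ceiling division
        data = data.ljust(self.stripes * per_stripe, b"\0")  # pad last stripe
        self.disks = [[] for _ in range(self.n)]
        for s in range(self.stripes):
            chunk = data[s * per_stripe:(s + 1) * per_stripe]
            blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
            blocks.insert(self.parity_disk(s), xor_blocks(blocks))
            for disk, block in zip(self.disks, blocks):
                disk.append(block)

    def read(self, failed=()):
        """Return the data; blocks on a failed disk are rebuilt from the rest."""
        failed = set(failed)
        if len(failed) > 1:
            raise RuntimeError("RAID-5 cannot survive more than one failed disk")
        out = bytearray()
        for s in range(self.stripes):
            row = [None if d in failed else self.disks[d][s] for d in range(self.n)]
            for d in failed:
                # XOR of all surviving blocks (data and parity) is the lost block
                row[d] = xor_blocks([b for b in row if b is not None])
            del row[self.parity_disk(s)]   # drop parity, keep data blocks in order
            out += b"".join(row)
        return bytes(out[:self.length])

    def rebuild(self, d):
        """Recreate a replaced disk from the survivors, stripe by stripe."""
        self.disks[d] = [
            xor_blocks([self.disks[o][s] for o in range(self.n) if o != d])
            for s in range(self.stripes)
        ]


if __name__ == "__main__":
    array = Raid5(4)
    array.write(SAMPLE)
    for s in range(array.stripes):
        print(s, [blk.hex() for blk in (disk[s] for disk in array.disks)],
              "parity on disk", array.parity_disk(s))
    print("read with disk 2 failed:", array.read(failed=[2]))
    print("usable capacity, 4 x 500 GB, RAID-5:", array_capacity(5, [500] * 4), "GB")
```

Losing a second disk before the rebuild finishes raises an error here, which is the case RAID-6's dual parity is meant to cover.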
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
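Added example (not part of the original slides): a toy model of the parity technique and of RAID-5's block-level striping with distributed parity, showing a lost drive being rebuilt and the array-capacity formula from the RAID-3 to RAID-6 slides. XOR is assumed as the parity function (the slides do not name one); the 4-byte block size, the function names and the sample record are constructed for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity."""
from functools import reduce

BLOCK = 4  # bytes per block (constructed; tiny so the layout is easy to follow)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_drives):
    """Stripe data over n_drives, rotating the parity block on every stripe.

    Returns (drives, original_length); drives[d][s] is the block that
    drive d holds for stripe s.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity_drive = (n_drives - 1 - s) % n_drives  # distributed parity
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive:
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_blocks))
    return drives, len(data)


def raid5_read(drives, length):
    """Reassemble the data; at most one entry of drives may be None (failed)."""
    n = len(drives)
    failed = [d for d in range(n) if drives[d] is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover from two failed drives")
    alive = [d for d in range(n) if drives[d] is not None]
    out = bytearray()
    for s in range(len(drives[alive[0]])):
        parity_drive = (n - 1 - s) % n
        row = [drives[d][s] if drives[d] is not None else None for d in range(n)]
        if failed:
            # The XOR of every block in a stripe is zero, so the missing
            # block equals the XOR of all surviving blocks (data and parity).
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        for d in range(n):
            if d != parity_drive:
                out += row[d]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    parity_drives = {"RAID-3": 1, "RAID-4": 1, "RAID-5": 1, "RAID-6": 2}
    minimum = {"RAID-3": 3, "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}
    if level not in parity_drives:
        raise ValueError("level not covered by this example: " + level)
    if len(drive_sizes) < minimum[level]:
        raise ValueError(level + " needs at least %d drives" % minimum[level])
    return min(drive_sizes) * (len(drive_sizes) - parity_drives[level])


if __name__ == "__main__":
    record = b"constructed ledger record #0042 for the demo"  # constructed input
    drives, length = raid5_write(record, 4)
    drives[2] = None  # simulate the loss of one disk
    print(raid5_read(drives, length) == record)
    print(usable_capacity("RAID-5", [500, 500, 400, 500]), "GB usable")
```

Losing any single drive leaves the record readable; losing two raises an error, which is the gap the dual parity of RAID-6 closes at the cost of a second drive's capacity.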
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D)
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.   Change Comment   Date of Change   Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
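The RAID-5 technique from the slides above (block level striping with distributed parity, capacity = size of smallest drive*(no. of drives-1)), as an added example that is not part of the original slides: an in-memory Python model that stripes data, loses one drive, and rebuilds it from parity. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""In-memory model of RAID-5: block-level striping with distributed parity."""


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, value in enumerate(block):
            out[i] ^= value
    return bytes(out)


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("not enough drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(row, n_drives):
    """Drive holding the parity block of a row (rotation order is an assumption)."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, stripe_size):
    """Return one list of blocks per drive, with parity rotated across drives."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    per_row = n_drives - 1                      # data blocks in each row
    row_bytes = per_row * stripe_size
    padded = data + b"\x00" * (-len(data) % row_bytes)
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe_size:start + (i + 1) * stripe_size]
                  for i in range(per_row)]
        remaining = iter(chunks)
        parity_at = parity_drive_for(row, n_drives)
        for d in range(n_drives):
            block = xor_blocks(chunks) if d == parity_at else next(remaining)
            drives[d].append(block)
    return drives


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) from the surviving drives."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) != 1:
        raise ValueError(
            "RAID-5 can rebuild exactly one failed drive, got %d" % len(failed))
    survivors = [d for d in drives if d is not None]
    # All blocks of a row XOR to zero, so the missing block (data or parity)
    # equals the XOR of the blocks that survived.
    rebuilt = [xor_blocks([d[row] for d in survivors])
               for row in range(len(survivors[0]))]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_drives = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        parity_at = parity_drive_for(row, n_drives)
        for d in range(n_drives):
            if d != parity_at:
                out += drives[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample data standing in for a business file.
    data = b"".join(b"ledger-entry-%04d;" % i for i in range(40))
    drives = raid5_write(data, n_drives=4, stripe_size=16)

    degraded = list(drives)
    degraded[1] = None                          # simulate one drive failure
    restored = raid5_rebuild(degraded)
    print("data intact after rebuild:", raid5_read(restored, len(data)) == data)

    degraded[3] = None                          # a second failure is fatal
    try:
        raid5_rebuild(degraded)
    except ValueError as err:
        print("second failure:", err)

    print("usable capacity (GB):", array_capacity([500, 500, 400, 500]))
```

Passing parity_drives=2 to array_capacity gives the RAID-6 figure from the slides; the dual-parity calculation itself is not modelled here.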
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 94
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A prerequisite to a complete and meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
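Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Cell values as extracted (row and column positions lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking values as extracted: High, Moderate, Very High, Low, Very Low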
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
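The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks with a rotating XOR parity block, one disk is lost, and its contents are recomputed from the survivors. The 4-byte block size, the rotation order, the sample record and the RAID-0 capacity rule for non-identical drives are assumptions made for illustration; the capacity formulas for RAID 1, 3, 4, 5 and 6 are the ones stated on the slides.

```python
from functools import reduce

BLOCK = 4  # bytes per block; deliberately tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block=BLOCK):
    """Return one list of blocks per disk: block-level striping plus rotating parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute a failed disk: XOR of the surviving blocks in each stripe."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length, block=BLOCK):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides' formulas (all sizes in the same unit)."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    if level == 0:
        return smallest * n  # assumption: each stripe is limited by the smallest drive
    if level == 1:
        return smallest      # mirroring: 50% efficiency with identical drives
    lost_to_parity = 2 if level == 6 else 1
    return smallest * (n - lost_to_parity)


def demo():
    """Fail each disk of a 4-disk array in turn and confirm the data survives."""
    record = b"INV-0001;widget;qty=40;constructed sample record"
    disks = write_raid5(record, n_disks=4)
    results = {}
    for failed in range(4):
        damaged = [None if i == failed else d for i, d in enumerate(disks)]
        damaged[failed] = rebuild_disk(damaged, failed)
        results[failed] = read_raid5(damaged, len(record)) == record
    return results


if __name__ == "__main__":
    print(demo())
    print(usable_capacity(5, [500, 500, 400, 500]))
```

The rebuild works for exactly one missing disk per stripe; with two disks gone the XOR of the survivors no longer isolates either missing block, which is why the RAID-6 slide adds a second parity block.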
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
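Why the nested-RAID slide rates availability "very good" for RAID-01 but "excellent" for RAID-10, as an added example that is not part of the original deck: it enumerates every combination of failed disks and counts how many each layout survives. The disk numbering and the simplified model, in which a RAID-0+1 stripe set goes offline as soon as any one of its members fails, are assumptions.

```python
from itertools import combinations


def raid10_survives(failed, n_disks=4):
    """RAID-10: disks are mirrored in pairs (0,1), (2,3), ... and data is
    striped across the pairs. The array is lost only if BOTH disks of one
    mirror pair fail."""
    pairs = [(i, i + 1) for i in range(0, n_disks, 2)]
    return all(not (a in failed and b in failed) for a, b in pairs)


def raid01_survives(failed, n_disks=4):
    """RAID-0+1: two stripe sets (first half and second half of the disks),
    mirrored against each other. A stripe set has no redundancy of its own,
    so one failed member takes the whole set offline (modelling assumption);
    the array survives while at least one set is fully intact."""
    half = n_disks // 2
    stripe_sets = [set(range(0, half)), set(range(half, n_disks))]
    return any(not (members & failed) for members in stripe_sets)


def survival_rate(survives, n_disks, n_failures):
    """Return (surviving combinations, total combinations) for n_failures
    simultaneous disk failures."""
    combos = list(combinations(range(n_disks), n_failures))
    ok = sum(1 for combo in combos if survives(set(combo), n_disks))
    return ok, len(combos)


def compare(n_disks=4):
    """Side-by-side survival counts for one and two simultaneous failures."""
    return {
        failures: {
            "RAID-10": survival_rate(raid10_survives, n_disks, failures),
            "RAID-0+1": survival_rate(raid01_survives, n_disks, failures),
        }
        for failures in (1, 2)
    }


if __name__ == "__main__":
    for failures, row in compare(4).items():
        print(failures, "failed disk(s):", row)
```

Both layouts tolerate any single failure; the difference appears at the second failure, which is the window that matters while a replacement disk is being rebuilt.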
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 95
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to the individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
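An added illustration of the PARITY and RAID-5 slides above (not part of the original slides): data is striped in blocks across the drives with XOR parity rotated between them, a failed drive is rebuilt from the survivors, and a scrub flags stripes whose parity no longer matches. The block size, the parity rotation order and all function names are assumptions made for this example.

```python
"""RAID-5 style block striping with distributed XOR parity (illustration only).

BLOCK, the parity rotation order and every function name are assumptions made
for this example; real controllers use larger blocks and their own layouts.
"""
from functools import reduce

BLOCK = 4  # bytes per block, kept tiny so the stripes are easy to inspect


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; the result is the parity block."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes):
    """Usable capacity: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive(stripe, n_drives):
    """Drive that holds the parity block of a stripe; rotates per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives):
    """Stripe data over n_drives; drives[d][s] is the block of drive d, stripe s."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    chunk = BLOCK * (n_drives - 1)             # data bytes carried per stripe
    padded = data + bytes(-len(data) % chunk)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // chunk):
        stripe = padded[s * chunk:(s + 1) * chunk]
        blocks = [stripe[i:i + BLOCK] for i in range(0, chunk, BLOCK)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            is_parity = d == parity_drive(s, n_drives)
            drives[d].append(xor_blocks(blocks) if is_parity else next(data_blocks))
    return drives


def read_raid5(drives, length):
    """Reassemble the original bytes by skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive(s, n):
                out += drives[d][s]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    Works for data and parity blocks alike, because all blocks of a healthy
    stripe XOR to zero. A second simultaneous failure cannot be rebuilt.
    """
    survivors = [drv for i, drv in enumerate(drives) if i != failed]
    return [xor_blocks([drv[s] for drv in survivors])
            for s in range(len(survivors[0]))]


def scrub(drives):
    """Return the stripes whose blocks no longer XOR to zero (parity mismatch)."""
    zero = bytes(BLOCK)
    return [s for s in range(len(drives[0]))
            if xor_blocks([drv[s] for drv in drives]) != zero]


if __name__ == "__main__":
    payload = b"ledger: constructed sample record 0001"  # constructed sample data
    drives = write_raid5(payload, n_drives=4)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
    print("drive 2 rebuilt correctly:", rebuild_drive(drives, 2) == drives[2])
    drives[1][2] = bytes(b ^ 0xFF for b in drives[1][2])  # simulate silent corruption
    print("stripes failing the scrub:", scrub(drives))
```

The scrub shows that a stripe is inconsistent but not which drive holds the bad block, which is one reason the deck's backup procedures are still needed alongside RAID.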
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 96
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high
fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
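The parity and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks across four drives with the XOR parity block rotating from row to row, one drive is lost, and its contents are recomputed from the survivors. The 4-byte block size, the rotation order, the sample record and all function names are assumptions made for illustration; `usable_capacity` applies the array capacity rules listed on the RAID level slides.

```python
from functools import reduce

BLOCK = 4  # bytes per block; constructed and tiny so the layout is easy to inspect
SAMPLE = b"INVENTORY LEDGER 2024-Q1: 1,204 units"  # constructed sample record


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(row, n_drives):
    """Distributed parity: the parity block sits on a different drive each row."""
    return (n_drives - 1 - row) % n_drives


def write_raid5(data, n_drives):
    """Stripe data in blocks over n_drives, adding one parity block per row."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_drives - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % per_row)
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), per_row)):
        blocks = [padded[i:i + BLOCK] for i in range(start, start + per_row, BLOCK)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive_for(row, n_drives):
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    XOR of all blocks in a row (data plus parity) is zero, so the missing
    block equals the XOR of the others, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover two failed drives")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(row, n):
                out += drives[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per RAID level, using the rules listed on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("level not covered by this example")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for this level")
    if level == 0:
        return smallest * n        # no redundancy: 100% if drives identical
    if level == 1:
        return smallest            # mirroring: 50% if drives identical
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # levels 3, 4, 5: one drive's worth of parity


if __name__ == "__main__":
    array = write_raid5(SAMPLE, 4)
    array[2] = None                      # simulate losing drive 2
    array[2] = rebuild_drive(array, 2)   # rebuild onto a replacement drive
    print(read_raid5(array, len(SAMPLE)))
    print(usable_capacity(5, [500, 500, 500, 500]))
```

A second failure before the rebuild finishes is unrecoverable with single parity, which is the gap RAID-6's dual parity is meant to close.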
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 97
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
[Table. Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E). Risk rankings shown: High, Moderate, Very High, Low, Very Low]
Naresh Gandhi FCA, D.I.S.A. (ICAI)
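The outage table and the risk comparison formula above, combined in an added example (not part of the original deck): each resource gets a Measure of Risk D = A + B + C, the resources are ranked on D, and any resource whose estimated recovery time exceeds its allowable outage time is flagged. The allowable outage times are the ones on the slide; the A, B and C scores, the 1 to 5 scale, the recovery estimates and all names in the code are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: int  # from the outage table (2 days = 48 h, 4 days = 96 h)
    est_recovery_h: int      # constructed estimate for the current recovery strategy
    asset_cost: int          # A, constructed, scored 1-5 (scale is an assumption)
    likelihood: int          # B, constructed, scored 1-5
    vulnerability: int       # C, constructed, scored 1-5

    def __post_init__(self):
        for score in (self.asset_cost, self.likelihood, self.vulnerability):
            if not 1 <= score <= 5:
                raise ValueError(f"{self.name}: scores must be between 1 and 5")

    @property
    def measure_of_risk(self):
        """D = A + B + C, the comparison formula from the slide."""
        return self.asset_cost + self.likelihood + self.vulnerability


RESOURCES = [  # constructed scores and recovery estimates
    Resource("Authentication Server", 8, 4, 5, 2, 3),
    Resource("Database Server", 8, 12, 5, 3, 4),
    Resource("E-mail Server", 48, 24, 3, 3, 3),
    Resource("5 Desktop Computers", 8, 6, 2, 3, 2),
    Resource("Hub", 8, 2, 1, 2, 2),
    Resource("Network Cabling", 8, 16, 2, 1, 2),
    Resource("Electric Power", 8, 10, 4, 4, 3),
    Resource("Printer", 96, 24, 1, 2, 1),
]


def rank_by_risk(resources):
    """Return (rank, name, D) tuples, highest D first; equal D shares a rank."""
    ordered = sorted(resources, key=lambda r: r.measure_of_risk, reverse=True)
    ranked, rank, previous = [], 0, None
    for r in ordered:
        if r.measure_of_risk != previous:
            rank += 1
            previous = r.measure_of_risk
        ranked.append((rank, r.name, r.measure_of_risk))
    return ranked


def recovery_gaps(resources):
    """Resources that cannot be restored within their allowable outage time.

    Returns (name, hours over the limit), ordered by D so the riskiest
    shortfall is addressed first.
    """
    late = [r for r in resources if r.est_recovery_h > r.allowable_outage_h]
    late.sort(key=lambda r: (-r.measure_of_risk, r.allowable_outage_h))
    return [(r.name, r.est_recovery_h - r.allowable_outage_h) for r in late]


if __name__ == "__main__":
    for rank, name, d in rank_by_risk(RESOURCES):
        print(f"{rank}. {name}: D = {d}")
    for name, over in recovery_gaps(RESOURCES):
        print(f"GAP: {name} exceeds allowable outage by {over} h")
```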
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site             Cost           Hardware Equipment    Telecommunication    Setup Time    Location
Cold Site        Low            None                  None                 Long          Fixed
Warm Site        Medium         Partial               Partial/Full         Medium        Fixed
Hot Site         Medium/High    Full                  Full                 Short         Fixed
Mobile Site      High           Dependent             Dependent            Dependent     Not Fixed
Mirrored Site    High           Full                  Full                 None          Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
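Added example (not part of the original slides): the parity technique and the array-capacity figures from the RAID level slides above, shown as a small RAID-5 style layout with rotating XOR parity and the rebuild of one failed disk. The 4-byte block size, the sample data, the parity rotation order and the use of the smallest drive for RAID-0/RAID-1 with unequal drives are assumptions made for the illustration.

```python
# Added illustration (not from the slides): XOR parity with a single-disk rebuild.
from functools import reduce

BLOCK = 4  # bytes per block; kept tiny so the layout is easy to inspect (assumption)
SAMPLE = b"DRP test: inventory database records"  # constructed sample data, 36 bytes


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across the disks (distributed parity)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks):
    """Stripe data over n_disks, storing one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data += b"\x00" * (-len(data) % per_stripe)  # pad the last stripe with zeros
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(blocks)
        p = parity_disk_for(stripe, n_disks)
        remaining = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of the failed disk from the surviving disks.

    The XOR of all blocks in a stripe (data plus parity) is zero, so the
    missing block equals the XOR of the survivors, whether it held data
    or parity.
    """
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("level not covered by this illustration")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for RAID-%d" % level)
    if level == 0:
        return smallest * n          # no redundancy
    if level == 1:
        return smallest              # mirror: 50% efficiency with identical drives
    if level in (3, 4, 5):
        return smallest * (n - 1)    # one drive's worth of parity
    return smallest * (n - 2)        # RAID-6: dual parity


if __name__ == "__main__":
    array = raid5_write(SAMPLE, 4)
    lost = 2  # simulate the failure of disk 2
    rebuilt = raid5_rebuild(array, lost)
    print("rebuilt disk matches original:", rebuilt == array[lost])
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

A second simultaneous disk failure leaves two unknown blocks per stripe and only one parity equation, which is why single parity gives "good" rather than "very good" fault tolerance and why RAID-6 spends a second drive on parity.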
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 98
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource                 Outage Impact                                   Allowable Outage Time
Authentication Server    User could not access Inventory System          8 hours
Database Server          User could not access Inventory System          8 hours
E-mail Server            User could not send e-mail                      2 days
5 Desktop Computers      User could not access Inventory System          8 hours
Hub                      User could not access Inventory System          8 hours
Network Cabling          User could not access Inventory System          8 hours
Electric Power           User could not access Inventory System          8 hours
Printer                  User could not produce Inventory Reports        4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated
people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network, system
and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
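The parity technique and the array-capacity formulas from the RAID-3 to RAID-6 slides, worked through in Python as an added example that is not part of the original slides. It stripes data with rotating XOR parity as in RAID-5, detects a parity mismatch, rebuilds a failed drive, and applies the slides' capacity figures; the function names, the 4-byte block size and the sample data are constructed for illustration.

```python
"""RAID-5 style XOR parity: write, scrub, rebuild, plus the slides' capacity formulas.
Illustrative model only; block size, names and sample data are assumptions."""
from functools import reduce

BLOCK = 4  # bytes per block (assumption: kept tiny so stripes are easy to inspect)

# level: (minimum drives, drives' worth of space used for redundancy), per the slides
RAID_RULES = {"RAID-0": (2, 0), "RAID-3": (3, 1), "RAID-4": (3, 1),
              "RAID-5": (3, 1), "RAID-6": (4, 2)}


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Distributed parity: the drive holding parity rotates with each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives):
    """Stripe data in blocks across n_drives, one parity block per stripe."""
    if n_drives < RAID_RULES["RAID-5"][0]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * BLOCK
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the final stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        data_blocks = iter(blocks)
        for d in range(n_drives):
            if d == parity_drive_for(stripe, n_drives):
                drives[d].append(xor_blocks(blocks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(stripe, n):
                out += drives[d][stripe]
    return bytes(out[:length])


def scrub(drives):
    """Return the stripes whose blocks no longer XOR to zero (parity mismatch)."""
    zero = bytes(BLOCK)
    return [s for s, stripe in enumerate(zip(*drives)) if xor_blocks(stripe) != zero]


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity as on the slides: smallest drive x (drives - redundancy)."""
    if level == "RAID-1":
        if len(drive_sizes) != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 hard disks")
        return min(drive_sizes)
    minimum, redundancy = RAID_RULES[level]
    if len(drive_sizes) < minimum:
        raise ValueError(f"{level} needs a minimum of {minimum} hard disks")
    return min(drive_sizes) * (len(drive_sizes) - redundancy)


if __name__ == "__main__":
    sample = b"ledger-2024: 42 entries posted"  # constructed sample data
    array = raid5_write(sample, 4)
    print("clean scrub:", scrub(array))
    array[2] = rebuild_drive(array, 2)          # drive 2 replaced and rebuilt
    print("after rebuild:", raid5_read(array, len(sample)))
    for level in ("RAID-0", "RAID-5", "RAID-6"):
        print(level, usable_capacity(level, [500, 500, 500, 400]), "GB usable")
```

A single lost drive is rebuilt exactly because every stripe XORs to zero; with two drives missing the same calculation has two unknowns, which is why the slides give RAID-6 a second parity block.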
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 99
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is the assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Table values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
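The check below is an added example, not part of the original slides: it takes the allowable outage times and recovery priorities from the two BIA tables and tests whether a recovery sequence restores each resource in time once dependencies are counted. The tier cut-offs, repair durations and dependency map are constructed assumptions.

```python
"""BIA gap check: does the recovery sequence meet each allowable outage time?"""

# Allowable outage times from the "Outage Impact & Allowable Outage Times"
# slide, converted to hours (2 days = 48 h, 4 days = 96 h).
ALLOWABLE_OUTAGE_H = {
    "Authentication Server": 8,
    "Database Server": 8,
    "E-mail Server": 48,
    "5 Desktop Computers": 8,
    "Hub": 8,
    "Network Cabling": 8,
    "Electric Power": 8,
    "Printer": 96,
}

# Priorities from the "Develop Recovery Priorities" slide ("1 Hub" -> "Hub").
SLIDE_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
}

# CONSTRUCTED sample data (assumptions, not from the slides): hours of work
# needed per resource, and what must already be restored before work starts.
REPAIR_HOURS = {
    "Electric Power": 1,
    "Network Cabling": 3,
    "Hub": 1,
    "Authentication Server": 2,
    "Database Server": 4,
    "5 Desktop Computers": 2,
    "E-mail Server": 24,
    "Printer": 4,
}
DEPENDS_ON = {
    "Network Cabling": ["Electric Power"],
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Hub"],
    "Database Server": ["Hub"],
    "5 Desktop Computers": ["Hub"],
    "E-mail Server": ["Hub"],
    "Printer": ["5 Desktop Computers"],
}


def derive_priority(allowable_hours):
    """Map an allowable outage time to a tier.

    ASSUMPTION: the cut-offs (8 h, 96 h) are chosen so the derived tiers
    agree with the slide's High/Medium rows; the slides state no thresholds.
    """
    if allowable_hours <= 8:
        return "High"
    if allowable_hours <= 96:
        return "Medium"
    return "Low"


def priority_mismatches():
    """Resources whose derived tier disagrees with the slide's priority."""
    return [r for r, p in SLIDE_PRIORITY.items()
            if derive_priority(ALLOWABLE_OUTAGE_H[r]) != p]


def completion_hours(resource, repair_hours, depends_on, _path=()):
    """Hour at which a resource is back: latest prerequisite + own repair."""
    if resource in _path:
        raise ValueError("dependency cycle: " + " -> ".join(_path + (resource,)))
    prereqs = depends_on.get(resource, ())
    start = max((completion_hours(p, repair_hours, depends_on, _path + (resource,))
                 for p in prereqs), default=0)
    return start + repair_hours[resource]


def gap_report(allowable=ALLOWABLE_OUTAGE_H, repair_hours=REPAIR_HOURS,
               depends_on=DEPENDS_ON):
    """One row per resource, tightest allowable outage first."""
    rows = []
    for resource, limit in allowable.items():
        done = completion_hours(resource, repair_hours, depends_on)
        rows.append({"resource": resource,
                     "priority": derive_priority(limit),
                     "allowable_h": limit,
                     "restored_at_h": done,
                     "breach": done > limit})
    rows.sort(key=lambda r: (r["allowable_h"], r["restored_at_h"]))
    return rows


def breaches():
    """Resources restored later than their allowable outage time."""
    return [r["resource"] for r in gap_report() if r["breach"]]


if __name__ == "__main__":
    for row in gap_report():
        flag = "BREACH" if row["breach"] else "ok"
        print(f'{row["resource"]:<24}{row["priority"]:<8}'
              f'{row["allowable_h"]:>4} h allowed, restored at '
              f'{row["restored_at_h"]:>3} h  {flag}')
```

With the constructed figures the Database Server breaches its 8-hour limit (restored at hour 9) even though its own restore takes only 4 hours, because it waits on power, cabling and the hub.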
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
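Added example (not part of the original slides): the parity and RAID-5 slides above, worked through in Python. It stripes a constructed record over four simulated drives with rotating XOR parity, rebuilds one failed drive from the survivors, and applies the slides' array-capacity formula; the function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""RAID-5 style striping with XOR parity: write, lose one drive, rebuild.

Illustrative model only: each drive is a Python list of byte blocks, and the
parity rotation order is an assumption (real controllers use various layouts).
"""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Index of the drive holding parity for a stripe (assumed rotation)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Split data into stripes of (n_drives - 1) data blocks plus one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + b"\0" * (-len(data) % stripe_bytes)  # zero-fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        units = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        data_units = iter(units)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(units) if d == p else next(data_units))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive by XORing the surviving drives."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover more than one failed drive")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    record = b"constructed ledger record " * 5      # constructed sample data
    array = raid5_write(record, n_drives=4, block_size=16)

    original = array[2]
    array[2] = None                                 # simulate a failed disk
    array[2] = rebuild_drive(array, failed=2)       # rebuild from the survivors
    print("rebuilt drive matches original:", array[2] == original)
    print("data intact after rebuild:", raid5_read(array, len(record)) == record)

    sizes_gb = [500, 500, 500, 400]                 # constructed drive sizes
    print("RAID-5 capacity (GB):", array_capacity(sizes_gb))
    print("RAID-6 capacity (GB):", array_capacity(sizes_gb, parity_drives=2))
```

The rebuild works for any single drive because the XOR of all blocks in a stripe is zero, so the missing block always equals the XOR of the remaining ones, whether it held data or parity.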
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 100
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.  |  Change Comment  |  Date of Change  |  Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
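Added example (not part of the original slides): a small Python model of the parity technique and the RAID-5 layout described above, showing that any one failed disk can be rebuilt by XOR-ing the survivors and that a second failure cannot. Function names, the 16-byte block size and the sample data are assumptions made for illustration; the capacity function follows the slide figures for RAID-0, RAID-1 and RAID-5.

```python
"""Teaching model of RAID-5: block striping with rotating XOR parity."""
from functools import reduce

# Constructed sample data standing in for business records.
SAMPLE = b"constructed ledger record " * 8


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to another disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks=4, block=16):
    """Return one list of blocks per disk; each stripe is n-1 data blocks + parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * block:start + (i + 1) * block]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                disks[d].append(xor_blocks(chunks))
            else:
                disks[d].append(next(data_blocks))
    return disks


def rebuild_disk(surviving_disks):
    """Recreate ONE failed disk: XOR the same-numbered block of every survivor."""
    return [xor_blocks(blocks) for blocks in zip(*surviving_disks)]


def read_raid5(disks, length, n_disks=4):
    """Reassemble the byte stream, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Usable space per the slides: RAID-0 100%, RAID-1 50%, RAID-5 smallest*(n-1)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "RAID-0" and n >= 2:
        return smallest * n          # assumes equal use of every drive
    if level == "RAID-1" and n == 2:
        return smallest
    if level == "RAID-5" and n >= 3:
        return smallest * (n - 1)
    raise ValueError("unsupported level or too few disks for " + level)


if __name__ == "__main__":
    array = write_raid5(SAMPLE)
    failed = 2
    survivors = [d for i, d in enumerate(array) if i != failed]
    repaired = list(array)
    repaired[failed] = rebuild_disk(survivors)
    print("single failure recovered:", read_raid5(repaired, len(SAMPLE)) == SAMPLE)
    # With disks 0 and 1 both lost, XOR of the rest no longer equals disk 0.
    print("double failure recovered:", rebuild_disk(array[2:]) == array[0])
    print("usable GB, 4 x 500 GB RAID-5:", usable_capacity("RAID-5", [500] * 4))
```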
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                Allowable Outage Time
Authentication Server  User could not access Inventory System      8 hours
Database Server        User could not access Inventory System      8 hours
E-mail Server          User could not send e-mail                  2 days
5 Desktop Computers    User could not access Inventory System      8 hours
Hub                    User could not access Inventory System      8 hours
Network Cabling        User could not access Inventory System      8 hours
Electric Power         User could not access Inventory System      8 hours
Printer                User could not produce Inventory Reports    4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Risk rankings shown: High, Moderate, Very High, Low, Very Low
[Table: example scores for each asset under columns A to E]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujrat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hubs (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
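The PARITY slide and the RAID-3/4/5/6 capacity formulas above, worked as an added Python example (not part of the original slides): it stripes a constructed 100 KiB file over four disks in 16 KiB units with one parity unit per row, rebuilds a failed disk from the survivors, and shows that a second simultaneous failure cannot be recovered with single parity. XOR as the parity function, the parity rotation order and all function names are assumptions; the slides do not state how parity is calculated or placed.

```python
"""RAID-5 style striping with XOR parity, rebuild, and usable capacity."""
import hashlib
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Usable capacity from the slides' formulas; sizes in any one unit."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        # Assumption for unequal drives: each contributes the smallest size.
        return smallest * n
    if level == 1:
        return smallest              # mirror: 50% storage efficiency
    lost_to_parity = 2 if level == 6 else 1
    return smallest * (n - lost_to_parity)


def parity_disk_for(row, n_disks):
    """Disk holding the parity unit of a row (rotation order is assumed)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Return per-disk lists of stripe units, one parity unit per row."""
    per_row = n_disks - 1
    row_bytes = per_row * stripe
    data = data + bytes(-len(data) % row_bytes)   # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        units = [data[start + i * stripe:start + (i + 1) * stripe]
                 for i in range(per_row)]
        parity, pending = xor_blocks(units), iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(pending))
    return disks


def raid5_read(disks, length):
    """Reassemble the data units in order, skipping each row's parity unit."""
    out = bytearray()
    for row in range(len(disks[0])):
        skip = parity_disk_for(row, len(disks))
        for d, disk in enumerate(disks):
            if d != skip:
                out += disk[row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk by XORing the survivors."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def demo():
    # Constructed sample: 100 KiB of deterministic pseudo-random bytes.
    data = hashlib.shake_256(b"constructed sample file").digest(100 * 1024)
    disks = raid5_write(data, n_disks=4)
    rebuilt = rebuild_disk(disks, failed=2)
    # Second failure: with disks 2 and 3 both gone, the XOR of the two
    # remaining disks no longer equals the missing units.
    two_down = [xor_blocks(row) for row in zip(disks[0], disks[1])]
    return {
        "rows": len(disks[0]),
        "single_failure_recovered": rebuilt == disks[2],
        "read_back_ok": raid5_read(disks, len(data)) == data,
        "double_failure_recovered": two_down == disks[2],
        "usable_of_4x500": usable_capacity(5, [500] * 4),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The same rebuild works whether the lost unit held data or parity, because every row XORs to zero across all disks.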
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk requirements: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site      Low           None                 None                Long         Fixed
Warm Site      Medium        Partial              Partial/Full        Medium       Fixed
Hot Site       Medium/High   Full                 Full                Short        Fixed
Mobile Site    High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site  High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations for health
care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring
high fault tolerance, e.g. accounting and
other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
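As an added illustration (not part of the original slides), the Python sketch below models RAID-5 block-level striping with distributed parity, using XOR as the parity function, rebuilds a single failed disk from the survivors, and applies the array-capacity formulas from the RAID level slides. The function names, the parity rotation order and the sample record are assumptions made for the example.

```python
"""Teaching model of RAID-5: block striping with distributed XOR parity."""
from functools import reduce

# Constructed sample data standing in for an accounting record.
SAMPLE_RECORD = b"INV-0001;qty=42;site=primary;status=posted"


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, byte position by byte position."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks; one block per stripe holds parity.

    Returns a list of disks, each disk being a list of blocks (bytes).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    # Pad the tail with zero bytes so the last stripe is complete.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, per_stripe, block_size)]
        parity_disk = (n_disks - 1 - s) % n_disks  # assumed rotation order
        data_blocks = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk:
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length, failed=None):
    """Read the data back, rebuilding a single failed disk first if needed."""
    disks = list(disks)
    if failed is not None:
        disks[failed] = raid5_rebuild(disks, failed)
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n - 1 - s) % n
        for d in range(n):
            if d != parity_disk:  # skip the parity block of this stripe
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity following the slides' formulas (any size unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    if level == 0:
        return smallest * n          # no redundancy
    if level == 1:
        return smallest              # mirror: 50% efficiency
    lost_to_parity = 2 if level == 6 else 1
    return smallest * (n - lost_to_parity)


def demo():
    """Write the record to 4 disks, lose disk 2, and read it back intact."""
    disks = raid5_write(SAMPLE_RECORD, n_disks=4, block_size=4)
    damaged = list(disks)
    damaged[2] = None  # simulate the loss of one drive
    return raid5_read(damaged, len(SAMPLE_RECORD), failed=2) == SAMPLE_RECORD


if __name__ == "__main__":
    print("recovered after single-disk failure:", demo())
    print("RAID-5 capacity, 4 x 500 GB:", usable_capacity(5, [500] * 4))
```

Losing a second disk before the rebuild completes leaves too little information to recover the stripe, which is the gap the dual parity of RAID-6 covers.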
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 103
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                  Allowable Outage Time
Authentication Server  User could not access Inventory System         8 hours
Database Server        User could not access Inventory System         8 hours
E-mail Server          User could not send e-mail                     2 days
5 Desktop Computers    User could not access Inventory System         8 hours
Hub                    User could not access Inventory System         8 hours
Network Cabling        User could not access Inventory System         8 hours
Electric Power         User could not access Inventory System         8 hours
Printer                User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
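The parity and capacity rules on the RAID slides can be checked with a small model. The following is an added example, not part of the original slides: it stripes constructed sample data across simulated disks with rotating XOR parity, rebuilds a failed disk from the survivors, and applies the slides' capacity formula. The 4-byte stripe unit, the sample data and all function names are assumptions made for illustration.

```python
"""Teaching model of block-level striping with distributed XOR parity (RAID-5 style)."""
from functools import reduce

STRIPE = 4  # bytes per stripe unit; tiny constructed value so rows are easy to inspect

# Constructed sample data, not taken from any real system.
SAMPLE = b"2001-09-17 ledger: trades=98% of normal volume"


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Rotate the parity unit one disk to the left on every row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks):
    """Return a list of disks; each disk is a list of stripe units, one per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_row = STRIPE * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        units = [padded[off + i * STRIPE: off + (i + 1) * STRIPE]
                 for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for d in range(n_disks):
            if d == parity_disk_for(row, n_disks):
                disks[d].append(parity)
            else:
                disks[d].append(next(data_units))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity unit in each row."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild(disks, failed):
    """Recompute the one failed disk as the XOR of all surviving disks."""
    failed = set(failed)
    if len(failed) != 1:
        # Single parity carries only enough redundancy for one lost disk.
        raise ValueError("single parity recovers exactly one failed disk")
    survivors = [d for i, d in enumerate(disks) if i not in failed]
    return [xor_blocks([d[row] for d in survivors])
            for row in range(len(survivors[0]))]


if __name__ == "__main__":
    array = write_raid5(SAMPLE, 4)
    lost = 2
    restored = rebuild(array, [lost])
    print("disk", lost, "rebuilt correctly:", restored == array[lost])
    print("data intact:", read_raid5(array, len(SAMPLE)) == SAMPLE)
    print("4 x 500 GB, one parity drive :", usable_capacity([500] * 4), "GB")
    print("4 x 500 GB, two parity drives:", usable_capacity([500] * 4, 2), "GB")
```

The same rebuild call raises an error when two disks are named as failed, which is the gap the dual distributed parity of RAID-6 closes at the cost of one more drive's capacity.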
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 104
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
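An added example, not part of the original slides: it takes the rows of the "Outage Impact & Allowable Outage Times" slide, derives a recovery priority and recovery order for each resource as on the "Develop Recovery Priorities" slide, and checks recovery times measured in a plan test against the allowable outage. The priority cut-offs and the test measurements are constructed assumptions.

```python
import re

# Rows of the "Outage Impact & Allowable Outage Times" slide.
BIA = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]

# Assumed cut-offs (not stated on the slides): up to one day is High,
# up to one week is Medium, anything longer is Low.
HIGH_MAX_HOURS = 24
MEDIUM_MAX_HOURS = 7 * 24

UNIT_HOURS = {"hour": 1, "day": 24}


def outage_hours(text):
    """Convert an allowable outage such as '8 hours' or '2 days' to hours."""
    match = re.fullmatch(r"\s*(\d+)\s*(hour|day)s?\s*", text, re.IGNORECASE)
    if match is None:
        raise ValueError(f"unrecognised allowable outage time: {text!r}")
    return int(match.group(1)) * UNIT_HOURS[match.group(2).lower()]


def priority(hours):
    """Map an allowable outage in hours to a recovery priority."""
    if hours <= HIGH_MAX_HOURS:
        return "High"
    if hours <= MEDIUM_MAX_HOURS:
        return "Medium"
    return "Low"


def recovery_order(bia):
    """Return (resource, allowed_hours, priority), tightest outage first."""
    rows = [(name, outage_hours(allowed)) for name, _impact, allowed in bia]
    rows.sort(key=lambda row: row[1])  # stable sort: ties keep BIA order
    return [(name, hours, priority(hours)) for name, hours in rows]


def review_test_results(bia, measured):
    """Compare recovery times measured in a plan test with the BIA.

    measured maps resource -> hours taken to recover during the test.
    Returns one finding per resource that exceeded its allowable outage
    or was never exercised, in BIA order.
    """
    findings = []
    for name, _impact, allowed in bia:
        limit = outage_hours(allowed)
        took = measured.get(name)
        if took is None:
            findings.append((name, "NOT TESTED", limit, None))
        elif took > limit:
            findings.append((name, "EXCEEDED", limit, took))
    return findings


# Constructed test measurements in hours (not from the slides).
MEASURED = {
    "Authentication Server": 6,
    "Database Server": 11,
    "E-mail Server": 30,
    "5 Desktop Computers": 4,
    "Hub": 1,
    "Network Cabling": 2,
    "Printer": 20,
}

if __name__ == "__main__":
    for name, hours, prio in recovery_order(BIA):
        print(f"{prio:<6} {hours:>3} h  {name}")
    for finding in review_test_results(BIA, MEASURED):
        print(finding)
```

A resource missing from the test measurements is reported rather than assumed recoverable, so an untested dependency such as power shows up in the post-test evaluation.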
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives,
with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity information
(shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
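Added example (not part of the original slides): block-level striping with distributed parity as described for RAID-5, the rebuild of one failed disk from XOR parity, and the array-capacity formulas from the RAID level slides. The function names, the parity rotation order and the sample data are assumptions made for this sketch.

```python
from functools import reduce

# Minimum disk counts as stated on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity operation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Disk that holds the parity block of a stripe (rotation order assumed)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe gets one rotating parity block."""
    if n_disks < MIN_DISKS[5]:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    data_per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % data_per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // data_per_stripe):
        chunk = padded[stripe * data_per_stripe:(stripe + 1) * data_per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, len(chunk), block_size)]
        data_iter = iter(blocks)
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(blocks))
            else:
                disks[disk].append(next(data_iter))
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, len(disks))
        for disk in range(len(disks)):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all surviving blocks in a stripe yields the missing block, whether
    it was a data block or the parity block. A second failure is not covered.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def array_capacity(level, drive_sizes):
    """Usable capacity for the RAID levels on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS:
        raise ValueError("level not covered by this sketch")
    if n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for this RAID level")
    if level == 0:
        return smallest * n        # striping only: 100% if drives identical
    if level == 1:
        return smallest            # mirroring: 50% if drives identical
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID-3/4/5: one drive's worth of parity


# Constructed sample data, not taken from the slides.
SAMPLE = bytes(range(256)) * 3 + b"tail"

if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block_size=16)
    lost = 2
    array[lost] = raid5_rebuild(array, lost)
    print("data intact after rebuild:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity(5, [500] * 4), "GB")
```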
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
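Added example (not part of the original slides): how a dump combined with before-image and after-image logs supports recovery. Before-images undo recent updates in place; after-images replay updates on top of the last dump when the live file is lost. The class and function names and the account records are assumptions constructed for this sketch.

```python
import copy

ABSENT = object()  # image value meaning "the record did not exist"


class JournaledFile:
    """Keyed records with a full dump plus before-image and after-image logs."""

    def __init__(self, records):
        self.records = dict(records)
        self.dump = copy.deepcopy(self.records)
        self.before_images = []  # (key, value before the update)
        self.after_images = []   # (key, value after the update), since last dump

    def take_dump(self):
        """Dumping: copy the whole file; older after-images are no longer needed."""
        self.dump = copy.deepcopy(self.records)
        self.after_images = []

    def _apply(self, key, image):
        if image is ABSENT:
            self.records.pop(key, None)
        else:
            self.records[key] = image

    def update(self, key, value):
        """Log the before-image, apply the change, then log the after-image."""
        self.before_images.append((key, self.records.get(key, ABSENT)))
        self._apply(key, value)
        self.after_images.append((key, value))

    def rollback(self, count):
        """Undo the last `count` updates, newest first, using before-images.

        Each undo is itself logged as an after-image so that a later
        roll-forward from the dump reproduces the corrected state.
        """
        for _ in range(count):
            key, image = self.before_images.pop()
            self._apply(key, image)
            self.after_images.append((key, image))


def roll_forward(dump, after_images):
    """Rebuild the file after media loss: restore the dump, replay after-images."""
    recovered = copy.deepcopy(dump)
    for key, image in after_images:
        if image is ABSENT:
            recovered.pop(key, None)
        else:
            recovered[key] = image
    return recovered


def demo():
    """Constructed scenario: three updates, the last one entered in error."""
    ledger = JournaledFile({"ACC-1": 100, "ACC-2": 50})
    ledger.take_dump()
    ledger.update("ACC-1", 80)
    ledger.update("ACC-3", 20)
    ledger.update("ACC-2", 70)   # erroneous transaction
    ledger.rollback(1)           # before-image restores ACC-2 to 50
    rebuilt = roll_forward(ledger.dump, ledger.after_images)
    return ledger.records, rebuilt


if __name__ == "__main__":
    live, rebuilt = demo()
    print("live file:            ", live)
    print("dump + after-images:  ", rebuilt)
```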
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 105
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D (A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
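An added example, not part of the original slides: a small Python model of the RAID-5 scheme described above (block-level striping with distributed parity). It shows that parity is the XOR of the data blocks in a row, that one failed drive is rebuilt from the survivors while a second failure is not recoverable, and it applies the array-capacity formulas quoted on the RAID slides. The function names, the parity rotation order, and the sample data are assumptions made for illustration.

```python
from functools import reduce
from operator import xor

# Constructed sample payload (not real data).
SAMPLE = b"constructed sample: inventory database page " * 5


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_drive(row, n_drives):
    """Distributed parity: the parity block sits on a different drive each row.
    The rotation order used here is an assumption; controllers differ."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives=4, stripe=16):
    """Stripe data across n_drives, one parity block per row. Returns one list
    of blocks per drive."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 drives")
    row_bytes = (n_drives - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # fill the last row
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * stripe:start + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        data_iter = iter(chunks)
        p = parity_drive(row, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == p else next(data_iter))
    return drives


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None). Each missing block is the
    XOR of the blocks in the same row on every surviving drive."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) != 1:
        raise ValueError("RAID 5 can rebuild exactly one failed drive, got %d"
                         % len(failed))
    survivors = [d for d in drives if d is not None]
    repaired = list(drives)
    repaired[failed[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def raid5_read(drives, length, stripe=16):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: RAID 3/4/5 = smallest * (n - 1),
    RAID 6 = smallest * (n - 2), RAID 1 = 50% of two drives, RAID 0 = 100%.
    Sizing RAID 0 on the smallest drive when drives differ is an assumption."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}[level]
    if n < minimum or (level == "1" and n != 2):
        raise ValueError("RAID-%s: unsupported drive count %d" % (level, n))
    if level == "0":
        return smallest * n
    if level == "1":
        return smallest
    if level == "6":
        return smallest * (n - 2)
    return smallest * (n - 1)


if __name__ == "__main__":
    array = raid5_write(SAMPLE)
    degraded = array[:2] + [None] + array[3:]      # drive 2 has failed
    restored = raid5_rebuild(degraded)
    print("data intact after rebuild:",
          raid5_read(restored, len(SAMPLE)) == SAMPLE)
    print("usable GB, 4 x 500 GB RAID 5:", usable_capacity("5", [500] * 4))
```
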
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource: Outage Impact; Allowable Outage Time
Authentication Server: User could not access Inventory System; 8 hours
Database Server: User could not access Inventory System; 8 hours
E-mail Server: User could not send e-mail; 2 days
5 Desktop Computers: User could not access Inventory System; 8 hours
Hub: User could not access Inventory System; 8 hours
Network Cabling: User could not access Inventory System; 8 hours
Electric Power: User could not access Inventory System; 8 hours
Printer: User could not produce Inventory Reports; 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
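The RAID-5 points above (block-level striping, distributed parity, capacity of smallest drive * (no. of drives - 1), tolerance of one failed disk) can be seen working in a short model. This is an added example, not part of the original slides; it assumes parity is the byte-wise XOR of a stripe's data blocks, and the function names, parity rotation order and sample data are constructed for illustration.

```python
"""Added illustration: block-level striping with distributed parity (RAID-5 style).

Assumption: parity is the byte-wise XOR of the data blocks in a stripe.
All names and the sample data are constructed for this example.
"""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Usable capacity: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("too few drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(stripe, n_drives):
    """Rotate the parity block so that no single drive holds all parity."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives, block_size):
    """Stripe data over n_drives; returns one list of blocks per drive."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad to whole stripes
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    The XOR of all blocks in a stripe (data plus parity) is zero, so the
    missing block equals the XOR of the others, whether it held data or parity.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity can rebuild only one failed drive")
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


if __name__ == "__main__":
    sample = bytes(range(200))                 # constructed sample data
    array = write_raid5(sample, n_drives=4, block_size=16)
    lost = array[2]
    array[2] = None                            # simulate a failed disk
    array[2] = rebuild_drive(array, failed=2)
    print("rebuilt correctly:", array[2] == lost)
    print("data intact:", read_raid5(array, len(sample)) == sample)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `array_capacity` gives the RAID-6 figure from the later slide; the rebuild function models single parity only.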
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of the high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
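The capacity rule and the parity scheme from the RAID-4, RAID-5 and RAID-6 slides, worked through in Python as an added example (not part of the original slides). The file content is constructed, and the parity rotation order and all function names are assumptions; real controllers use several different layouts.

```python
"""RAID 4/5/6 capacity and a RAID 5 single-drive rebuild (added example)."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe size, as in the slide illustrations


def usable_capacity(level, drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    parity = {4: 1, 5: 1, 6: 2}[level]
    minimum = {4: 3, 5: 3, 6: 4}[level]  # minimum hard disks per the slides
    if len(drive_sizes) < minimum:
        raise ValueError(f"RAID-{level} needs at least {minimum} drives")
    return min(drive_sizes) * (len(drive_sizes) - parity)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the RAID 4/5 parity function."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity moves one drive to the left on each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_raid5(data, n_drives=4, unit=STRIPE_UNIT):
    """Block-level striping with distributed parity.

    Returns one list of unit-sized blocks per drive.
    """
    per_stripe = (n_drives - 1) * unit
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        units = [chunk[i * unit:(i + 1) * unit] for i in range(n_drives - 1)]
        parity_drive = parity_drive_for(stripe, n_drives)
        remaining = iter(units)
        for d in range(n_drives):
            block = xor_blocks(units) if d == parity_drive else next(remaining)
            drives[d].append(block)
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    Within a stripe the XOR of all blocks (data + parity) is zero, so the
    missing block, data or parity, is the XOR of the others.
    """
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_drives = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        parity_drive = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            if d != parity_drive:
                out += drives[d][stripe]
    return bytes(out[:length])


def sample_file(size):
    """Constructed test content standing in for a file on the array."""
    return bytes((i * 7 + 3) % 256 for i in range(size))


if __name__ == "__main__":
    data = sample_file(100 * 1024)          # the 100 kiB file of the illustration
    drives = write_raid5(data)              # four-disk array
    print("stripes used:", len(drives[0]))
    print("RAID-5 capacity of 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
    drives[2] = rebuild_drive(drives, 2)    # simulate replacing drive 2
    print("data intact after rebuild:", read_raid5(drives, len(data)) == data)
```

A second simultaneous drive failure leaves two unknown blocks per stripe and only one parity equation, which is why the RAID-6 slide lists dual distributed parity and capacity of (no. of drives-2).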
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in the backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 107
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
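The parity technique from the PARITY and RAID-5 slides, as an added Python sketch that is not part of the original deck: it stripes data across four disks with one parity block per stripe, rebuilds a failed disk from the survivors, and applies the deck's array-capacity formula. It assumes XOR parity and a simple rotating parity placement; the function names, the 8-byte block size and the sample data are constructed for illustration.

```python
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across the disks (placement is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block):
    """Stripe data over n_disks, adding one parity block to every stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        remaining = iter(data_blocks)
        for d in range(n_disks):
            if d == parity_disk_for(stripe, n_disks):
                disks[d].append(xor_blocks(data_blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild(disks):
    """Restore a failed disk (marked None) by XORing the surviving disks.

    Data XOR parity is zero for every stripe, so any single missing block
    equals the XOR of the others. Two missing disks cannot be recovered.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover two failed disks")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    restored = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [restored if d is None else d for d in disks]


def usable_capacity(drive_sizes, parity_drives=1):
    """Deck formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    sample = b"constructed sample ledger records for the parity demo"
    array = raid5_write(sample, n_disks=4, block=8)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    print(raid5_read(rebuild(degraded), len(sample)))
    print(usable_capacity([500, 500, 500, 400]))                    # RAID-5
    print(usable_capacity([500, 500, 500, 500], parity_drives=2))   # RAID-6
```

Passing `parity_drives=2` gives the RAID-6 capacity figure only; the rebuild logic here covers single parity and raises an error when two disks are missing.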
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
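Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Table values as extracted (row and column alignment lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low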
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
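The RAID-5 technique listed above (block level striping with distributed parity), worked through as an added Python example that is not part of the original slides: it stripes data across four disks, rotates an XOR parity block per stripe, then reads and rebuilds after a disk loss. The class and function names and the sample data are assumptions made for illustration; `array_capacity` applies the slides' formula, with `parity_drives=2` giving the RAID-6 figure.

```python
"""Toy RAID 5 array: block-level striping with distributed XOR parity."""
from functools import reduce


class ArrayFailed(Exception):
    """Raised when more disks are lost than single parity can cover."""


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, position by position."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    def __init__(self, n_disks, block_size):
        if n_disks < 3:
            raise ValueError("RAID 5 needs a minimum of 3 hard disks")
        self.n, self.block_size = n_disks, block_size
        self.disks = [[] for _ in range(n_disks)]  # a failed disk is None
        self.n_stripes = self.length = 0

    def parity_disk(self, stripe):
        """Parity rotates across the disks, one position per stripe."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Split data into stripes of n-1 data blocks plus one parity block."""
        bs, per_stripe = self.block_size, self.block_size * (self.n - 1)
        padded = data + bytes(-len(data) % per_stripe)  # zero-pad last stripe
        self.disks = [[] for _ in range(self.n)]
        self.length, self.n_stripes = len(data), len(padded) // per_stripe
        for s in range(self.n_stripes):
            chunk = padded[s * per_stripe:(s + 1) * per_stripe]
            blocks = [chunk[i:i + bs] for i in range(0, per_stripe, bs)]
            blocks.insert(self.parity_disk(s), xor_blocks(blocks))
            for disk, block in zip(self.disks, blocks):
                disk.append(block)

    def fail(self, i):
        """Simulate the loss of disk i."""
        self.disks[i] = None

    def _stripe(self, s):
        """Return all n blocks of stripe s, recomputing one missing block."""
        blocks = [d[s] if d is not None else None for d in self.disks]
        missing = [i for i, b in enumerate(blocks) if b is None]
        if len(missing) > 1:
            raise ArrayFailed("two disks lost; single parity cannot recover")
        if missing:
            # XOR of every surviving block (data and parity) is the lost block
            blocks[missing[0]] = xor_blocks([b for b in blocks if b is not None])
        return blocks

    def read(self):
        """Reassemble the data, working in degraded mode if one disk is down."""
        out = bytearray()
        for s in range(self.n_stripes):
            blocks = self._stripe(s)
            del blocks[self.parity_disk(s)]  # drop parity, keep data blocks
            out += b"".join(blocks)
        return bytes(out[:self.length])

    def rebuild(self, i):
        """Recreate disk i on a replacement drive from the surviving disks."""
        self.disks[i] = [self._stripe(s)[i] for s in range(self.n_stripes)]


SAMPLE = bytes(range(256)) * 3 + b"ledger-tail"  # constructed test data


def demo():
    array = Raid5(n_disks=4, block_size=16)
    array.write(SAMPLE)
    array.fail(2)                       # first disk loss
    degraded_ok = array.read() == SAMPLE
    array.rebuild(2)                    # replacement drive resynchronised
    array.fail(0)                       # a different disk fails later
    rebuilt_ok = array.read() == SAMPLE
    array.fail(1)                       # second loss before any rebuild
    try:
        array.read()
        second_loss_detected = False
    except ArrayFailed:
        second_loss_detected = True
    return degraded_ok, rebuilt_ok, second_loss_detected


if __name__ == "__main__":
    print(demo())
```

The third result is the planning point: a second disk loss before the rebuild completes is unrecoverable from parity alone, so the array does not replace the backup procedures covered earlier.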
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other
business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
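The striping, parity and array-capacity points from the RAID slides above, worked through for a RAID-5 layout. This is an added example, not part of the original slides; the function names, the 16-byte block size, the parity rotation order and the sample record are assumptions constructed for illustration.

```python
from functools import reduce
from operator import xor

# Constructed sample record standing in for the financial data the slides mention.
SAMPLE = b"ledger-0001: debit 1200.00 / credit 1200.00 (constructed sample record)"


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe.
    The rotation order used here is an assumption; real controllers vary."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks across n_disks, adding one parity block per stripe.
    Returns a list of disks, each disk being a list of blocks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        pending = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(pending))
    return disks


def raid5_rebuild(disks):
    """Rebuild one failed disk (marked None) by XOR-ing the surviving blocks
    of every stripe. More than one failure is beyond single parity."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover %d failed disks" % len(failed))
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def demo():
    """Write the sample to 4 disks, lose disk 2, rebuild it, read the data back."""
    disks = raid5_write(SAMPLE, n_disks=4, block_size=16)
    degraded = list(disks)
    degraded[2] = None  # simulated drive failure
    return raid5_read(raid5_rebuild(degraded), len(SAMPLE))


if __name__ == "__main__":
    print("data intact after rebuild:", demo() == SAMPLE)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 capacity formula from the later slide; the rebuild routine here covers single parity only.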
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Slide 110
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
[Table of sample scores per asset; row values not recoverable]
Risk Ranking values: Very High, High, Moderate, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
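The RAID-5 technique above (block-level striping with distributed parity) worked through as an added example that is not part of the original slides, using the four-disk, 16 KiB layout of the illustration. The class and function names, the parity rotation order and the sample data are assumptions; the capacity formulas are the ones given on the RAID level slides.

```python
"""RAID 5 in miniature: stripe data, lose one disk, read and rebuild from parity."""
from functools import reduce

STRIPE = 16 * 1024  # 16 KiB stripe unit, as in the slide's illustration


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas (sizes in any consistent unit)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}.get(level)
    n, smallest = len(drive_sizes), min(drive_sizes)
    if minimum is None or n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n      # striping only: 100% efficiency, no redundancy
    if level == 1:
        return smallest          # mirroring: 50% efficiency
    return smallest * (n - (2 if level == 6 else 1))


class Raid5:
    def __init__(self, n_disks=4, stripe=STRIPE):
        if n_disks < 3:
            raise ValueError("RAID 5 needs at least 3 disks")
        self.n, self.stripe = n_disks, stripe
        self.length = self.rows = 0
        self.disks = [[] for _ in range(n_disks)]  # None marks a failed disk

    def parity_disk(self, row):
        """Parity moves to a different disk on every row (assumed rotation)."""
        return (self.n - 1 - row) % self.n

    def write(self, data):
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        row_bytes = (self.n - 1) * self.stripe
        for row, off in enumerate(range(0, len(data), row_bytes)):
            chunk = data[off:off + row_bytes].ljust(row_bytes, b"\0")
            units = [chunk[i:i + self.stripe]
                     for i in range(0, row_bytes, self.stripe)]
            parity, pending = xor_blocks(units), iter(units)
            for d in range(self.n):
                is_parity = d == self.parity_disk(row)
                self.disks[d].append(parity if is_parity else next(pending))
        self.rows = len(self.disks[0])

    def fail(self, d):
        self.disks[d] = None

    def unit(self, d, row):
        """One stripe unit; recomputed from the survivors if disk d has failed."""
        if self.disks[d] is not None:
            return self.disks[d][row]
        others = [self.disks[o] for o in range(self.n) if o != d]
        if any(o is None for o in others):
            raise IOError("RAID 5 cannot survive a second disk failure")
        return xor_blocks([o[row] for o in others])

    def read(self):
        out = bytearray()
        for row in range(self.rows):
            for d in range(self.n):
                if d != self.parity_disk(row):
                    out += self.unit(d, row)
        return bytes(out[:self.length])

    def rebuild(self, d):
        """Recreate a replaced disk (data and parity units) from the others."""
        self.disks[d] = [self.unit(d, row) for row in range(self.rows)]


def sample_data():
    """Constructed input: 'files' of 4, 20, 100 and 500 KiB, as in the caption."""
    return b"".join(bytes((i * 131 + kib) % 256 for i in range(kib * 1024))
                    for kib in (4, 20, 100, 500))


if __name__ == "__main__":
    array = Raid5(n_disks=4)
    array.write(sample_data())
    array.fail(2)
    print("degraded read intact:", array.read() == sample_data())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
```

A degraded read works because any single missing unit in a row equals the XOR of the remaining units in that row; a second failed disk leaves a row with two unknowns, which is why the slide's fault tolerance for RAID-5 is one drive.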
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 111
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization's business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
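The RAID-5 slide above, worked through as an added example that is not part of the original slides: data is striped in blocks across the disks with one rotating parity chunk per row, one disk is lost, and its contents are rebuilt by XOR from the survivors. The 16-byte chunk (standing in for the 16 kiB stripe size of the illustrations), the parity rotation order, the function names and the sample data are assumptions made for the example.

```python
from functools import reduce
from operator import xor

CHUNK = 16  # bytes per stripe unit (assumed; stands in for the 16 kiB stripe size)

# Constructed sample data, not from the slides: 260 bytes, so the last row is padded.
SAMPLE = b"constructed ledger record " * 10


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def raid5_capacity(drive_sizes):
    """Array capacity per the slide: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves one disk left per row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, chunk=CHUNK):
    """Stripe data in blocks over n_disks; each row holds n_disks-1 data chunks + parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * chunk
    padded = data + bytes(-len(data) % row_bytes)  # zero-pad the final row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * chunk:start + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        data_iter = iter(chunks)
        p = parity_disk(row, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_iter))
    return disks


def raid5_rebuild(disks):
    """Rebuild the one failed disk (marked None) by XOR-ing the survivors row by row."""
    lost = [i for i, d in enumerate(disks) if d is None]
    if len(lost) != 1:
        # With two disks gone, XOR of the survivors yields only the XOR of the two
        # missing chunks, so neither can be recovered: single parity covers one loss.
        raise ValueError("rebuild needs exactly one failed disk, got %d" % len(lost))
    survivors = [d for d in disks if d is not None]
    return lost[0], [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping each row's parity chunk."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n)
        for d in range(n):
            if d != p:
                out += disks[d][row]
    return bytes(out[:length])


def survive_failure(data, n_disks, failed):
    """Write the data, lose disk `failed`, rebuild it, and read the data back."""
    disks = raid5_write(data, n_disks)
    degraded = [None if i == failed else d for i, d in enumerate(disks)]
    idx, rebuilt = raid5_rebuild(degraded)
    degraded[idx] = rebuilt
    return raid5_read(degraded, len(data))


if __name__ == "__main__":
    print("usable capacity of 4 x 500 GB:", raid5_capacity([500, 500, 500, 500]), "GB")
    for failed in range(4):
        ok = survive_failure(SAMPLE, 4, failed) == SAMPLE
        print("disk", failed, "lost -> data intact after rebuild:", ok)
```

Losing a second disk before the rebuild finishes makes `raid5_rebuild` raise, which is the case the RAID-6 slide's dual distributed parity addresses.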
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
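The parity and array-capacity rules from the RAID slides above, worked through as an added example that is not part of the original deck. The function names, the left-rotating parity placement and the 16-byte stripe unit (standing in for 16 kiB) are assumptions made for illustration, and the sample data is constructed.

```python
from functools import reduce

# Minimum drive counts and parity overhead, taken from the RAID LEVELS slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
PARITY_DRIVES = {0: 0, 3: 1, 4: 1, 5: 1, 6: 2}


def usable_capacity(level, drive_sizes):
    """Usable capacity, in the same unit as drive_sizes, for RAID 0/1/3/4/5/6."""
    if level not in MIN_DRIVES:
        raise ValueError(f"RAID-{level} is not modelled here")
    n = len(drive_sizes)
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    smallest = min(drive_sizes)  # larger drives are truncated to the smallest
    if level == 1:
        return smallest  # mirroring: 50% efficiency on identical drives
    return smallest * (n - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR across equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(row, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left per row."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, unit):
    """Block-level striping with distributed parity; returns one bytearray per drive."""
    if n_drives < MIN_DRIVES[5]:
        raise ValueError("RAID-5 needs at least 3 drives")
    drives = [bytearray() for _ in range(n_drives)]
    per_row = unit * (n_drives - 1)  # data bytes carried by one stripe row
    for row, start in enumerate(range(0, len(data), per_row)):
        chunk = data[start:start + per_row].ljust(per_row, b"\0")
        units = [chunk[i:i + unit] for i in range(0, per_row, unit)]
        next_unit = iter(units)
        p = parity_drive(row, n_drives)
        for d in range(n_drives):
            drives[d] += xor_blocks(units) if d == p else next(next_unit)
    return drives


def raid5_read(drives, length, unit):
    """Reassemble the original data, skipping the parity unit of every row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0]) // unit):
        p = parity_drive(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row * unit:(row + 1) * unit]
    return bytes(out[:length])


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) by XOR-ing the survivors."""
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("RAID-5 can rebuild exactly one failed drive")
    survivors = [bytes(d) for d in drives if d is not None]
    rebuilt = list(drives)
    rebuilt[missing[0]] = bytearray(xor_blocks(survivors))
    return rebuilt


if __name__ == "__main__":
    data = bytes(range(200))  # constructed sample payload
    drives = raid5_write(data, n_drives=4, unit=16)
    degraded = list(drives)
    degraded[2] = None  # simulate losing one drive
    restored = raid5_rebuild(degraded)
    print("rebuilt drive matches:", restored[2] == drives[2])
    print("data intact:", raid5_read(restored, len(data), 16) == data)
    for level in (0, 5, 6):
        print(f"RAID-{level} on 4 x 500 GB:", usable_capacity(level, [500] * 4), "GB")
```

Losing a second drive before the rebuild finishes makes `raid5_rebuild` raise, which is the case RAID-6 covers with its second parity block.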
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 113
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                  Allowable Outage Time
Authentication Server  User could not access Inventory System         8 hours
Database Server        User could not access Inventory System         8 hours
E-mail Server          User could not send e-mail                     2 days
5 Desktop Computers    User could not access Inventory System         8 hours
Hub                    User could not access Inventory System         8 hours
Network Cabling        User could not access Inventory System         8 hours
Electric Power         User could not access Inventory System         8 hours
Printer                User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability (C), Measure of Risk (D = A+B+C), Risk Ranking (E)
Values as extracted: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel's
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.  Change Comment  Date of Change  Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
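Added example (not part of the original slides): a small Python sketch of the parity technique and the RAID-5 layout described above, showing that one failed disk can be recomputed from the survivors and that a second failure cannot. The 4-byte block size, the parity rotation order and the sample payload are assumptions constructed for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity (added example)."""
from functools import reduce

BLOCK = 4  # bytes per block; tiny on purpose (assumption, real stripes are KiB-sized)


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity per the slides: smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Which disk holds parity for a stripe (this rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks, moving the parity block to a different disk per stripe.

    Returns (disks, length); disks[d][s] is the block disk d holds for stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks, len(data)


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("RAID-5 tolerates only one failed disk")
    stripes = len(survivors[0])
    return [xor_blocks([d[s] for d in survivors]) for s in range(stripes)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Fail one disk of a four-disk array, rebuild it, and check the data."""
    payload = b"constructed sample: inventory ledger 2001-09"  # constructed input
    disks, length = write_raid5(payload, 4)
    lost = disks[2]
    disks[2] = None                      # simulate a failed drive
    disks[2] = rebuild_disk(disks, 2)    # rebuild from the three survivors
    return disks[2] == lost and read_raid5(disks, length) == payload


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("4 x 500 GB, RAID-5 usable:", usable_capacity([500] * 4), "GB")
    print("4 x 500 GB, RAID-6 usable:", usable_capacity([500] * 4, 2), "GB")
```
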
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 114
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (C) | Likelihood of Threat Occurrence (A) | Vulnerability (B) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
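Added example (not part of the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed parity, showing that any one failed drive can be rebuilt from the survivors and that a second failure cannot. The slides do not name the parity function; XOR, the standard choice for RAID 3/4/5, is used here, and the function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""Toy RAID 5: block-level striping with distributed (rotating) XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive that holds parity for a given stripe (rotation order is an assumption)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data over n_drives. Each stripe has n_drives-1 data blocks plus 1 parity block."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 drives")
    per_stripe = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        p = parity_drive(stripe, n_drives)
        remaining = iter(data_blocks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def raid5_rebuild(drives, failed):
    """Rebuild the failed drive: each lost block is the XOR of the surviving blocks in its stripe."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID 5 tolerates only one failed drive")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - 1); use parity_drives=2 for RAID 6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Fail each drive of a four-disk array in turn and check the rebuild (constructed data)."""
    data = bytes(range(256)) * 3 + b"constructed ledger record"
    drives = raid5_write(data, n_drives=4, block_size=16)
    results = {}
    for failed in range(4):
        degraded = list(drives)
        lost = degraded[failed]
        degraded[failed] = None                      # simulate the drive failure
        rebuilt = raid5_rebuild(degraded, failed)
        degraded[failed] = rebuilt
        results[failed] = rebuilt == lost and raid5_read(degraded, len(data)) == data
    return results


if __name__ == "__main__":
    print(demo())
    print(usable_capacity([500, 500, 500, 500]))
```

Because the parity block is the XOR of the data blocks in its stripe, XOR-ing every block of a stripe gives all zero bytes. The same property is what lets the array rebuild a lost data block and a lost parity block with one routine.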
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 115
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
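The PARITY slide and the RAID-5/RAID-6 capacity formulas above, worked through as an added example that is not part of the original slides: a toy four-disk RAID-5 array that stripes data with rotating XOR parity, rebuilds a failed disk from the survivors, and flags parity mismatches. The function names, the 16-byte stripe unit (standing in for the 16 kiB stripe size) and the sample records are assumptions made for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed (rotating) XOR parity.

Added illustration; names and sample data are constructed, not from the slides.
"""
from functools import reduce

STRIPE_UNIT = 16  # bytes per block; stands in for the slides' 16 kiB stripe size

# Constructed sample data: 20 fake 9-byte transaction records (180 bytes).
SAMPLE = b"".join(b"txn-%04d;" % i for i in range(20))


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives); 1 for RAID-5, 2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(row, n_disks):
    """Index of the disk holding parity for a stripe row; rotates so no disk is dedicated."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data over n_disks: each row has n_disks-1 data blocks and 1 parity block."""
    per_row = (n_disks - 1) * unit
    data = data + bytes(-len(data) % per_row)  # zero-pad to whole stripe rows
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), per_row)):
        chunks = [data[off + i * unit: off + (i + 1) * unit] for i in range(n_disks - 1)]
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk(row, n_disks)
            disks[d].append(xor_blocks(chunks) if is_parity else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the surviving disks, row by row."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block in each stripe row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def scrub(disks):
    """Return stripe rows whose data and parity blocks do not XOR to zero."""
    return [row for row, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


if __name__ == "__main__":
    array = write_raid5(SAMPLE)
    lost = 2                                   # simulate failure of one disk
    array[lost] = None
    array[lost] = rebuild_disk(array, lost)    # single parity tolerates one failure
    print("recovered intact:", read_raid5(array, len(SAMPLE)) == SAMPLE)
    print("parity mismatches:", scrub(array))
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity([500] * 4), "GB")
    print("RAID-6 capacity, 4 x 500 GB:", array_capacity([500] * 4, parity_drives=2), "GB")
```

Single parity rebuilds exactly one missing disk per array; a second concurrent failure leaves two unknowns per stripe row, which is the gap the dual parity of RAID-6 closes.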
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
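Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
Values as extracted (row alignment lost in the source): 3, 4, 5, 3, 4, 3, 3, 3, 3, 5, 5, 5, 5, 4, 1, 1, 2, 1, 1, 1, 1
Risk rankings: High, Moderate, Very High, Low, Very Low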
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
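The parity technique and the RAID-5 layout from the slides above (block-level striping with distributed parity, capacity of smallest drive * (no. of drives - 1)), worked through as an added example that is not part of the original presentation. The function names, the 16-byte block size, the parity rotation order and the sample payload are assumptions made for illustration; real controllers differ in layout details.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity as stated on the slides:
    size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6."""
    if len(drive_sizes) <= parity_drives:
        raise ValueError("not enough drives for the requested parity level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_drive_for(stripe, n_drives):
    """Rotate the parity block across drives (assumed rotation order)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data across n_drives with one rotating parity block per stripe.
    Returns a list of drives, each drive being a list of blocks."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = n_drives - 1
    stripe_bytes = per_stripe * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # fill the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i * block_size:(i + 1) * block_size]
                       for i in range(per_stripe)]
        parity = xor_blocks(data_blocks)
        pending = iter(data_blocks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(pending))
    return drives


def rebuild_drive(drives, failed):
    """Reconstruct every block of one failed drive. XOR of the surviving
    blocks in a stripe yields the missing block, whether it held data or
    parity. A second missing drive cannot be recovered with single parity."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, n_bytes):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:n_bytes])


def demo():
    """Write a constructed payload to a 4-drive array, lose drive 2, rebuild."""
    payload = b"Ledger 2001-09: " + bytes(range(200))  # constructed sample data
    drives = raid5_write(payload, n_drives=4, block_size=16)
    drives[2] = None                                   # simulated drive failure
    drives[2] = rebuild_drive(drives, failed=2)
    return raid5_read(drives, len(payload)) == payload


if __name__ == "__main__":
    print("capacity of 4 x 500 GB, RAID-5:", usable_capacity([500] * 4), "GB")
    print("capacity of 4 x 500 GB, RAID-6:", usable_capacity([500] * 4, 2), "GB")
    print("data intact after rebuild:", demo())
```

The same XOR that produces the parity block also performs the rebuild, which is why a rebuild has to read every surviving drive in full and why a second failure during that window loses the array.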
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables an application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 117
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is the assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High
Moderate
Very High
Low
Very Low
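An added example, not part of the original slides: the measure of risk D = A + B + C from the slide above, computed over a small constructed risk register, sorted into a ranking and filtered against an acceptable level of residual risk. The 1-5 scoring scale, the band thresholds, the cutoff value and the sample entries are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumption: each factor is scored on a 1-5 scale, so D ranges from 3 to 15.
SCALE = range(1, 6)

# Assumption: lowest D in each band. The slides name the five rankings but
# do not state where one band ends and the next begins.
BANDS = [(13, "Very High"), (11, "High"), (8, "Moderate"), (5, "Low"), (3, "Very Low")]


def ranking(measure: int) -> str:
    """Map a measure of risk D to its ranking label E."""
    for floor, label in BANDS:
        if measure >= floor:
            return label
    raise ValueError(f"measure {measure!r} is below the minimum possible score")


@dataclass(frozen=True)
class RiskItem:
    asset: str
    threat: str
    asset_cost: int     # A
    likelihood: int     # B: likelihood of threat occurrence
    vulnerability: int  # C

    def __post_init__(self):
        # Reject scores outside the scale so one bad entry cannot skew the order.
        for field in ("asset_cost", "likelihood", "vulnerability"):
            value = getattr(self, field)
            if value not in SCALE:
                raise ValueError(f"{self.asset}: {field}={value!r} is outside 1-5")

    @property
    def measure(self) -> int:
        """Measure of risk D = A + B + C."""
        return self.asset_cost + self.likelihood + self.vulnerability


def rank_register(items):
    """Highest D first; ties go to the higher asset cost, then asset name."""
    return sorted(items, key=lambda i: (-i.measure, -i.asset_cost, i.asset))


def needs_treatment(items, acceptable_measure):
    """Items whose D exceeds the acceptable residual-risk level, worst first."""
    return [i for i in rank_register(items) if i.measure > acceptable_measure]


# Constructed sample register (asset and threat names borrowed from the slides,
# scores invented for the example).
REGISTER = [
    RiskItem("Database server", "Power outage", 5, 3, 4),
    RiskItem("E-mail server", "Hardware failure", 3, 3, 2),
    RiskItem("Printer", "Hardware failure", 1, 2, 1),
    RiskItem("Authentication server", "Hackers", 5, 4, 5),
]

if __name__ == "__main__":
    for item in rank_register(REGISTER):
        print(f"{item.asset:22} {item.threat:17} D={item.measure:2} {ranking(item.measure)}")
    print("Above acceptable level (D > 8):",
          [i.asset for i in needs_treatment(REGISTER, 8)])
```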
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
The idea of a DRP is to think ahead of the actual
events:
How likely is the event
What can be done when it happens
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to an individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than a hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
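The parity and RAID-5 slides above describe redundancy information calculated from the data and block-level striping with distributed parity. The following Python code is an added example, not part of the original slides: it uses XOR as the parity function, assumes a parity block that rotates across the disks, and the names `Raid5Array`, `xor_blocks` and `raid5_capacity` are hypothetical.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


class Raid5Array:
    """In-memory model of RAID 5: block-level striping with distributed parity."""

    def __init__(self, n_disks, block_size=4):
        if n_disks < 3:
            raise ValueError("RAID 5 needs a minimum of 3 hard disks")
        self.n = n_disks
        self.block_size = block_size
        self.disks = [[] for _ in range(n_disks)]  # one list of blocks per disk
        self.length = 0

    def parity_disk(self, stripe):
        # Assumed layout: parity moves one disk to the left on every stripe.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Stripe data over n-1 disks per stripe and store one parity block."""
        per_stripe = self.block_size * (self.n - 1)
        padded = data + b"\x00" * (-len(data) % per_stripe)
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        for stripe, start in enumerate(range(0, len(padded), per_stripe)):
            chunk = padded[start:start + per_stripe]
            blocks = [chunk[i:i + self.block_size]
                      for i in range(0, per_stripe, self.block_size)]
            data_iter = iter(blocks)
            for disk in range(self.n):
                if disk == self.parity_disk(stripe):
                    self.disks[disk].append(xor_blocks(blocks))
                else:
                    self.disks[disk].append(next(data_iter))

    def fail(self, disk):
        """Simulate losing a whole drive."""
        self.disks[disk] = None

    def failed(self):
        """Indexes of the drives that are currently missing."""
        return [d for d, blocks in enumerate(self.disks) if blocks is None]

    def rebuild(self, disk):
        """Recompute every block of a replaced drive from the survivors."""
        survivors = [b for d, b in enumerate(self.disks) if d != disk]
        if any(b is None for b in survivors):
            raise RuntimeError("cannot rebuild: a second disk is missing")
        self.disks[disk] = [xor_blocks(row) for row in zip(*survivors)]

    def read(self):
        """Return the stored data, reconstructing on the fly if degraded."""
        failed = self.failed()
        if len(failed) > 1:
            raise RuntimeError("RAID 5 tolerates only one failed disk")
        stripes = len(next(b for b in self.disks if b is not None))
        out = bytearray()
        for stripe in range(stripes):
            row = [None if blocks is None else blocks[stripe]
                   for blocks in self.disks]
            if failed:
                # The missing block (data or parity) is the XOR of the others.
                row[failed[0]] = xor_blocks([b for b in row if b is not None])
            out += b"".join(block for disk, block in enumerate(row)
                            if disk != self.parity_disk(stripe))
        return bytes(out[:self.length])


if __name__ == "__main__":
    payload = b"constructed sample: ledger rows for the parity demo"
    array = Raid5Array(n_disks=4)
    array.write(payload)
    array.fail(2)
    print("degraded read ok:", array.read() == payload)
    array.rebuild(2)
    print("usable capacity of 4 x 500 GB:", raid5_capacity([500] * 4), "GB")
```

A second simultaneous failure makes `read()` raise, which is the limit that RAID-6's dual parity is meant to lift.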
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 118
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujrat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
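The parity technique and the array capacity figures on the RAID slides above, worked through as an added example that is not part of the original deck: RAID-5 style block striping with rotating XOR parity, a single-drive rebuild, and the capacity rule "size of smallest drive * (no. of drives - n)". Function names, the parity rotation order, the block size and the sample record are assumptions made for illustration.

```python
from functools import reduce

# Drive-count limits and redundancy overhead as listed on the RAID level slides.
# "lost" is the number of drives' worth of space given up to mirroring or parity.
RAID_RULES = {
    0: {"min": 2, "lost": 0},            # striping without parity
    1: {"min": 2, "max": 2, "lost": 1},  # mirroring, exactly 2 disks
    3: {"min": 3, "lost": 1},            # byte striping, dedicated parity
    4: {"min": 3, "lost": 1},            # block striping, dedicated parity
    5: {"min": 3, "lost": 1},            # block striping, distributed parity
    6: {"min": 4, "lost": 2},            # dual distributed parity
}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - lost)."""
    rule = RAID_RULES[level]
    n = len(drive_sizes)
    if n < rule["min"] or n > rule.get("max", n):
        raise ValueError(f"RAID-{level} does not support {n} drives")
    return min(drive_sizes) * (n - rule["lost"])


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Drive holding parity for a stripe (assumed rotation order)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Split data into stripes; each stripe gets one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_drives - 1)]
        parity_at = parity_drive_for(stripe, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == parity_at
                             else next(remaining))
    return drives


def raid5_rebuild(drives):
    """Rebuild a failed drive (marked None) from the surviving drives."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        # Single parity covers one loss only; beyond that the backup is needed.
        raise RuntimeError("more than one drive lost: restore from backup")
    if failed:
        survivors = [d for d in drives if d is not None]
        drives[failed[0]] = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return drives


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block per stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(stripe, n):
                out += drives[d][stripe]
    return bytes(out[:length])


def demo():
    # Constructed sample record, not data from the deck.
    record = b"CONSTRUCTED SAMPLE: ledger batch 0001, 42 postings"
    drives = raid5_write(record, n_drives=4, block_size=4)
    original = [list(d) for d in drives]
    drives[2] = None                      # simulate a single drive failure
    raid5_rebuild(drives)
    return raid5_read(drives, len(record)) == record and drives == original


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
```

A second simultaneous failure raises instead of returning data, which is why the backup and off-site storage slides still apply to a fault-tolerant array.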
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Cell values in extracted order: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
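One way to combine the risk measure D = A + B + C from the risk-comparison slide with the budget question above: score each risk, then search for the set of controls that fits the budget and leaves the lowest residual score. This is an added example, not part of the original slides; the 1-5 scales, the register entries, the control costs and the way a control lowers B or C are all assumptions made for illustration.

```python
from itertools import combinations

# Constructed risk register. Scores use an assumed 1-5 scale:
# A = asset cost, B = likelihood of threat occurrence, C = vulnerability.
RISKS = {
    "db-server/power-outage": {"A": 5, "B": 4, "C": 4},
    "db-server/hacker":       {"A": 5, "B": 3, "C": 5},
    "email-server/hacker":    {"A": 3, "B": 3, "C": 4},
    "printer/fire":           {"A": 1, "B": 1, "C": 3},
}

# Constructed controls: cost in arbitrary budget units, and how many points each
# takes off B or C for the risks it addresses (assumed effect model).
CONTROLS = {
    "ups":               {"cost": 4, "effect": {"db-server/power-outage": {"C": 3}}},
    "dg-set":            {"cost": 6, "effect": {"db-server/power-outage": {"C": 2}}},
    "firewall":          {"cost": 5, "effect": {"db-server/hacker": {"C": 2},
                                                "email-server/hacker": {"C": 2}}},
    "security-training": {"cost": 3, "effect": {"db-server/hacker": {"B": 1},
                                                "email-server/hacker": {"B": 1}}},
    "sprinklers":        {"cost": 7, "effect": {"printer/fire": {"C": 2}}},
}


def measure_of_risk(score):
    """D = A + B + C, the additive measure from the slide."""
    return score["A"] + score["B"] + score["C"]


def rank(risks):
    """Risk names ordered from highest to lowest measure of risk (ties by name)."""
    return sorted(risks, key=lambda name: (-measure_of_risk(risks[name]), name))


def apply_controls(risks, controls, chosen):
    """Return a new register with the chosen controls' reductions applied.
    A score never drops below 1: some residual risk always remains."""
    residual = {name: dict(score) for name, score in risks.items()}
    for control in chosen:
        for risk_name, cuts in controls[control]["effect"].items():
            for factor, points in cuts.items():
                current = residual[risk_name][factor]
                residual[risk_name][factor] = max(1, current - points)
    return residual


def total_risk(risks):
    """Sum of D over the whole register."""
    return sum(measure_of_risk(score) for score in risks.values())


def best_value_controls(risks, controls, budget):
    """Exhaustively search control sets that fit the budget; return
    (chosen controls, total residual risk, cost) for the set with the lowest
    residual risk, preferring the cheaper set on a tie."""
    best = ((), total_risk(risks), 0)
    names = sorted(controls)
    for size in range(1, len(names) + 1):
        for chosen in combinations(names, size):
            cost = sum(controls[c]["cost"] for c in chosen)
            if cost > budget:
                continue
            remaining = total_risk(apply_controls(risks, controls, chosen))
            if (remaining, cost) < (best[1], best[2]):
                best = (chosen, remaining, cost)
    return best


if __name__ == "__main__":
    print("ranking:", rank(RISKS))
    print("best value within budget 10:", best_value_controls(RISKS, CONTROLS, 10))
```

The UPS and the DG set address the same vulnerability, so buying both adds cost without lowering the score further; the search picks that up because overlapping reductions are floored rather than summed.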
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
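To make "eliminating single points of failure" checkable, the added example below (not part of the original slides) models a network as a list of links and reports every device and every cable whose individual loss would cut some node off. The topologies are constructed from the resource names in the outage table earlier in the deck; the node names and links are assumptions.

```python
from collections import Counter


def single_points_of_failure(links):
    """Return (devices, cables) whose individual loss disconnects the network.

    links is a list of (node, node) pairs; listing a pair twice models a
    duplicate cable between the same two devices. Uses a depth-first search
    with low-link values (articulation points and bridges).
    """
    cable_count = Counter(frozenset(link) for link in links)
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)

    discovered, low = {}, {}
    devices, cables = set(), set()

    def visit(node, parent):
        discovered[node] = low[node] = len(discovered) + 1
        children = 0
        for neighbour in sorted(graph[node]):
            if neighbour == parent:
                continue
            if neighbour in discovered:
                # Back edge: an alternative route that bypasses the parent.
                low[node] = min(low[node], discovered[neighbour])
                continue
            children += 1
            visit(neighbour, node)
            low[node] = min(low[node], low[neighbour])
            # Nothing below 'neighbour' reaches above 'node': node is critical.
            if parent is not None and low[neighbour] >= discovered[node]:
                devices.add(node)
            # Nothing below 'neighbour' reaches 'node' by another route, and
            # there is only one cable on this link: the cable is critical.
            only_cable = cable_count[frozenset((node, neighbour))] == 1
            if low[neighbour] > discovered[node] and only_cable:
                cables.add(tuple(sorted((node, neighbour))))
        if parent is None and children > 1:
            devices.add(node)

    for start in sorted(graph):
        if start not in discovered:
            visit(start, None)
    return devices, cables


# Constructed topology 1: every device hangs off a single hub.
STAR = [("desktop-1", "hub-1"), ("desktop-2", "hub-1"),
        ("auth-server", "hub-1"), ("db-server", "hub-1")]

# Constructed topology 2: a second hub, with every device cabled to both hubs.
DUAL = STAR + [("desktop-1", "hub-2"), ("desktop-2", "hub-2"),
               ("auth-server", "hub-2"), ("db-server", "hub-2")]

if __name__ == "__main__":
    for name, topology in (("star", STAR), ("dual-homed", DUAL)):
        devices, cables = single_points_of_failure(topology)
        print(name, "devices:", sorted(devices), "cables:", sorted(cables))
```

A duplicate cable on one link removes that cable from the report but leaves the hub listed, which is why redundant cabling and redundant devices appear as separate items on the slide.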
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
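Added example (not part of the original slides): the array-capacity formulas listed on the RAID-1, RAID-3/4/5 and RAID-6 slides, followed by a RAID-5 write, a single-drive failure and the rebuild from XOR parity. The parity rotation order, the 16-byte block standing in for the 16 kiB stripe, and all function names are assumptions made for this illustration.

```python
from functools import reduce


def usable_capacity(level, drive_sizes):
    """Usable array capacity per the slide formulas (all sizes in one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 as listed on the slide uses exactly 2 disks")
        return smallest                       # 50% efficiency if drives identical
    if level in (3, 4, 5):
        if n < 3:
            raise ValueError("RAID-3/4/5 need at least 3 disks")
        return smallest * (n - 1)             # one drive's worth holds parity
    if level == 6:
        if n < 4:
            raise ValueError("RAID-6 needs at least 4 disks")
        return smallest * (n - 2)             # two drives' worth hold parity
    raise ValueError("level not covered by this example")


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive, moves left per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data over n_drives with distributed parity; returns per-drive blocks."""
    per_stripe = (n_drives - 1) * block_size
    data += b"\x00" * (-len(data) % per_stripe)   # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        pending = iter(blocks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(pending))
    return drives


def raid5_rebuild(drives, failed):
    """Recompute the failed drive: each block is the XOR of the survivors' blocks."""
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def demo():
    payload = bytes(range(256)) * 2           # constructed 512-byte sample "file"
    drives = raid5_write(payload, n_drives=4, block_size=16)
    lost = drives[2]
    drives[2] = None                          # simulate a single drive failure
    drives[2] = raid5_rebuild(drives, failed=2)
    return drives[2] == lost and raid5_read(drives, len(payload)) == payload


if __name__ == "__main__":
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
    print("rebuild after one failure ok:", demo())
```

The rebuild works for any single failed drive because the XOR of all blocks in a stripe, parity included, is zero; a second concurrent failure leaves two unknowns per stripe, which is the case RAID-6's dual parity addresses.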
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information: data files, user manuals etc.
Software: application and system software etc.
Services: communications, technical etc.
Company image and reputation
Examples of Asset
Documents: contracts, guidelines etc.
Hardware: computer, magnetic media etc.
People: personnel, customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D): A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low: Less likely to occur
Medium: Some history of occurrence
High: Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to
think about how your business has concentrated people or
operational centers in certain places. You've got to consider if
it's the wisest distribution. We feel we were lucky having some
folks in Connecticut and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty Plaza, we would have
still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup
strategies and see whether they can communicate with everybody
easily, whether the phone numbers are not stored in that same
building that could experience the Disaster, and whether they've
got hot backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal,
audit, users, telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
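The parity idea behind the RAID-3, RAID-4 and RAID-5 slides, as an added Python example (not part of the original slides): data blocks are striped across the disks, one XOR parity block per stripe rotates between disks as in RAID-5, and a failed disk is rebuilt from the survivors. The four-disk layout, 16-byte block size, sample bytes and all function names are assumptions chosen for illustration.

```python
"""Teaching model of RAID-5: block-level striping with distributed XOR parity."""
from functools import reduce

# Constructed sample data (not from the slides): 200 bytes standing in for a file.
SAMPLE = bytes(range(200))


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block sits on a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, block_size):
    """Return one list of blocks per disk; each stripe holds n_disks-1 data blocks
    plus one parity block. The final stripe is zero-padded."""
    per_stripe = (n_disks - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def read_raid5(disks, block_size, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """XOR the surviving disks stripe by stripe. With exactly one failed disk the
    result equals the lost disk, whether the lost block held data or parity."""
    survivors = [blocks for i, blocks in enumerate(disks) if i not in failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


if __name__ == "__main__":
    disks = write_raid5(SAMPLE, n_disks=4, block_size=16)
    print("stripes per disk:", len(disks[0]))

    # Single disk failure: rebuild disk 2 from the other three and swap it in.
    rebuilt = rebuild_disk(disks, failed=[2])
    repaired = disks[:2] + [rebuilt] + disks[3:]
    print("single failure recovered:",
          read_raid5(repaired, 16, len(SAMPLE)) == SAMPLE)

    # Double failure: one parity block per stripe cannot separate two unknowns.
    print("double failure recovered:",
          rebuild_disk(disks, failed=[1, 2]) == disks[1])

    # Capacity with mixed drive sizes (sizes in GB, constructed values).
    print("RAID-5 capacity:", array_capacity([500, 500, 500, 400]))
    print("RAID-6 capacity:", array_capacity([500, 500, 500, 400], parity_drives=2))
```

With one disk lost the rebuild is exact; with two lost, the XOR of the survivors no longer equals either missing disk, which is the gap RAID-6's second parity block closes.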
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
high cost
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Number of hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB
in size; the blue is 20 kiB; the green is 100 kiB; and
the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
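Added example (not from the original slides): a small Python model of the block-level striping with distributed parity described for RAID-5, showing how XOR parity rebuilds one failed disk, together with the array capacity rules given on the RAID level slides. The 4-byte stripe unit, the parity rotation order, the function names and the sample data are assumptions made for the illustration.

```python
"""Added illustration, not from the slides: RAID-5 style striping with XOR parity."""
from functools import reduce

STRIPE = 4  # assumed tiny stripe unit in bytes (real arrays use e.g. 16 KiB)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; each row holds n_disks-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = STRIPE * (n_disks - 1)
    padded = data + bytes(-len(data) % per_row)      # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[start + i * STRIPE:start + (i + 1) * STRIPE]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        for disk in range(n_disks):
            if disk == parity_disk_for(row, n_disks):
                disks[disk].append(xor_blocks(chunks))
            else:
                disks[disk].append(next(data_blocks))
    return disks


def rebuild(disks, failed):
    """Recompute every block of ONE failed disk by XOR-ing the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the RAID level slides (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # 100% efficiency, no fault tolerance
    if level == 1 and n == 2:
        return smallest                # 50% efficiency, mirrored pair
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual parity
    raise ValueError("unsupported level or too few disks")


if __name__ == "__main__":
    sample = b"ledger-entry-0001|ledger-entry-0002|end"   # constructed sample data
    array = write_raid5(sample, 4)
    original = array[2]
    array[2] = None                                       # simulate losing disk 2
    array[2] = rebuild(array, failed=2)
    print("rebuilt disk matches:", array[2] == original)
    print("data intact:", read_raid5(array, len(sample)) == sample)
    for level in (0, 5, 6):
        print(f"RAID-{level}, 4 x 500 GB:", usable_capacity(level, [500] * 4), "GB")
```

Single parity covers exactly one missing disk per row: with two disks gone, XOR-ing the survivors no longer yields either lost block, which is the gap the dual parity of RAID-6 closes.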
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 122
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
[Table: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E): High, Moderate, Very High, Low, Very Low]
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
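The check below is an added example, not part of the original slides: it compares restore times from a DR test against the allowable outage times and recovery priorities tabulated above, and lists BIA resources that were never given a recovery priority. The measured restore times are constructed sample data, and matching the priority table's "1 Hub" row to the BIA's "Hub" row is an assumption.

```python
import re

# Transcribed from the "Outage Impact & Allowable Outage Times" slide.
ALLOWABLE_OUTAGE = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# Transcribed from the "Develop Recovery Priorities" slide.
# Assumption: its "1 Hub" row corresponds to the BIA's "Hub" row.
RECOVERY_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
}

# Constructed drill results (not from the slides). None = not exercised.
MEASURED_RESTORE = {
    "Authentication Server": "3 hours",
    "Database Server": "11 hours",
    "E-mail Server": "1 day",
    "5 Desktop Computers": "6 hours",
    "Hub": "30 minutes",
    "Network Cabling": "2 days",
    "Electric Power": "45 minutes",
    "Printer": None,
}

UNIT_MINUTES = {"minute": 1, "hour": 60, "day": 1440}
PRIORITY_ORDER = {"High": 0, "Medium": 1, "Low": 2, "Unranked": 3}


def parse_duration(text):
    """Convert '8 hours', '2 days' or '45 minutes' to hours."""
    match = re.fullmatch(r"\s*(\d+)\s*(minute|hour|day)s?\s*", text.lower())
    if match is None:
        raise ValueError(f"unrecognised duration: {text!r}")
    return int(match.group(1)) * UNIT_MINUTES[match.group(2)] / 60


def unranked_resources():
    """BIA resources that have an allowable outage time but no priority."""
    return [r for r in ALLOWABLE_OUTAGE if r not in RECOVERY_PRIORITY]


def evaluate(measured):
    """Return one finding per BIA resource, worst problems first."""
    findings = []
    for resource, allowed_text in ALLOWABLE_OUTAGE.items():
        allowed = parse_duration(allowed_text)
        took_text = measured.get(resource)
        if took_text is None:
            status, overrun = "NOT TESTED", 0.0
        else:
            overrun = max(parse_duration(took_text) - allowed, 0.0)
            status = "BREACH" if overrun > 0 else "OK"
        findings.append({
            "resource": resource,
            "priority": RECOVERY_PRIORITY.get(resource, "Unranked"),
            "status": status,
            "overrun_hours": overrun,
        })
    # Problems first, then by recovery priority, then by largest overrun.
    findings.sort(key=lambda f: (f["status"] == "OK",
                                 PRIORITY_ORDER[f["priority"]],
                                 -f["overrun_hours"]))
    return findings


if __name__ == "__main__":
    for f in evaluate(MEASURED_RESTORE):
        print(f"{f['status']:<10} {f['priority']:<8} {f['resource']:<22} "
              f"overrun {f['overrun_hours']:.1f} h")
    print("No recovery priority assigned:", ", ".join(unranked_resources()))
```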
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
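The three techniques listed above differ most at restore time, in how many media sets must be retrieved and read. The planner below is an added example, not part of the original slides: it works out which sets are needed and how far back the restore point falls when one set turns out to be unreadable. The tape labels, the six-day cycle and the unreadable day are constructed, and each cycle is assumed to use a single technique after its full backup.

```python
from collections import namedtuple

# day: position in the cycle; kind: "full", "incremental" or "differential";
# label: tape label (constructed); readable: result of a media check.
BackupSet = namedtuple("BackupSet", "day kind label readable", defaults=(True,))


def weekly_cycle(kind, unreadable_day=None):
    """Constructed catalogue: full on day 1, then one `kind` set on days 2-6."""
    tag = "INC" if kind == "incremental" else "DIFF"
    sets = [BackupSet(1, "full", "WK1-FULL")]
    for day in range(2, 7):
        sets.append(BackupSet(day, kind, f"WK1-{tag}-{day}",
                              readable=(day != unreadable_day)))
    return sets


def restore_plan(catalogue, target_day):
    """Return (restore_point_day, labels in the order they must be restored)."""
    usable = sorted((b for b in catalogue if b.day <= target_day),
                    key=lambda b: b.day)
    fulls = [b for b in usable if b.kind == "full" and b.readable]
    if not fulls:
        raise LookupError("no readable full backup on or before the target day")
    base = fulls[-1]

    later = []
    for b in usable:
        if b.day <= base.day:
            continue
        if b.kind == "full":
            # A newer full exists but is unreadable: every set taken after it
            # depends on it, so nothing from that point on can be used.
            break
        later.append(b)

    kinds = {b.kind for b in later}
    if len(kinds) > 1:
        raise ValueError("mixed incremental/differential cycle is out of scope")

    chain = [base]
    if kinds == {"incremental"}:
        # Each incremental holds changes since the previous backup, so every
        # one is needed in order; the chain ends at the first unreadable set.
        for b in later:
            if not b.readable:
                break
            chain.append(b)
    elif kinds == {"differential"}:
        # Each differential holds all changes since the full, so only the
        # newest readable one is needed.
        readable = [b for b in later if b.readable]
        if readable:
            chain.append(readable[-1])
    return chain[-1].day, [b.label for b in chain]


INCREMENTAL_CYCLE = weekly_cycle("incremental", unreadable_day=4)
DIFFERENTIAL_CYCLE = weekly_cycle("differential", unreadable_day=4)

if __name__ == "__main__":
    for name, cycle in (("incremental", INCREMENTAL_CYCLE),
                        ("differential", DIFFERENTIAL_CYCLE)):
        point, labels = restore_plan(cycle, target_day=6)
        print(f"{name}: restore point day {point}, media {labels}")
```

With the day-4 set unreadable, the incremental cycle can only be restored to day 3, while the differential cycle still reaches day 6 from two sets.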
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
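The parity and striping techniques described in the RAID slides, worked through as an added Python example (not part of the original deck): a toy RAID-5 layout with rotating XOR parity, the rebuild of one failed drive, and the array-capacity formulas quoted on the RAID level slides. The block size, function names and sample record are assumptions made for illustration.

```python
"""Toy RAID-5 model: block striping with rotating XOR parity (added example)."""
from functools import reduce

BLOCK = 4  # bytes per block; kept tiny so the layout is easy to inspect (assumed)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the 'parity information'."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive that holds parity for a stripe; it rotates (distributed parity)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block=BLOCK):
    """Split data into stripes and return one list of blocks per drive."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block
    stripes = -(-len(data) // per_stripe)  # ceiling division
    padded = data.ljust(stripes * per_stripe, b"\0")
    drives = [[] for _ in range(n_drives)]
    for s in range(stripes):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity, data_iter = xor_blocks(blocks), iter(blocks)
        for d in range(n_drives):
            is_parity = d == parity_drive(s, n_drives)
            drives[d].append(parity if is_parity else next(data_iter))
    return drives


def raid5_rebuild(drives):
    """Recompute the single failed drive (marked None) from the survivors.

    The XOR of every block in a stripe is zero, so the missing block is the
    XOR of the surviving ones, whether it held data or parity.
    """
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID-5 cannot recover from more than one failed drive")
    if not failed:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    out = bytearray()
    for s, stripe in enumerate(zip(*drives)):
        for d, blk in enumerate(stripe):
            if d != parity_drive(s, len(drives)):
                out += blk
    return bytes(out[:length])


def usable_capacity(level, sizes):
    """Usable capacity per the formulas on the RAID level slides."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("level not covered by this example")
    n, smallest = len(sizes), min(sizes)
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for this RAID level")
    if level == 0:
        return smallest * n          # 100% efficiency, assuming identical drives
    if level == 1:
        return smallest              # 50% efficiency: one drive mirrors the other
    return smallest * (n - (2 if level == 6 else 1))


if __name__ == "__main__":
    record = b"ledger: constructed sample record 0001"  # constructed input
    array = raid5_write(record, 4)
    degraded = list(array)
    degraded[2] = None               # simulate one failed disk
    restored = raid5_rebuild(degraded)
    print(raid5_read(restored, len(record)))
    print(usable_capacity(5, [500, 500, 500, 500]), "GB usable on 4 x 500 GB RAID-5")
```
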
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 123
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
[Table of scores on the slide; risk rankings shown: High, Moderate, Very High, Low, Very Low]
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
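The parity and capacity rules from the RAID slides can be exercised directly. The Python sketch below is an added example, not part of the original deck: it stripes constructed data over a four-disk, 16 KiB-stripe RAID 5 layout like the one illustrated, rebuilds a lost disk from XOR parity, checks parity consistency, and applies the slides' capacity formulas. The parity rotation order, the sample data and all function names are assumptions.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity (added example)."""
import hashlib

STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size, as in the slide's illustration
NUM_DISKS = 4             # four-disk array, as in the slide's illustration
# Constructed sample data: only the file sizes (KiB) come from the illustration.
SAMPLE_FILES_KIB = {"red": 4, "blue": 20, "green": 100, "magenta": 500}


def make_sample():
    """Concatenate constructed, deterministic files of the illustrated sizes."""
    return b"".join(hashlib.shake_128(name.encode()).digest(kib * 1024)
                    for name, kib in SAMPLE_FILES_KIB.items())


def xor_blocks(blocks):
    """Parity calculation: bitwise XOR of equally sized blocks."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk_for(stripe_no, num_disks=NUM_DISKS):
    """Disk holding the parity block of a stripe (rotation order is an assumption)."""
    return (num_disks - 1 - stripe_no) % num_disks


def write_raid5(data, num_disks=NUM_DISKS, unit=STRIPE_UNIT):
    """Stripe data over the disks; returns one list of blocks per disk."""
    per_stripe = (num_disks - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)   # zero-fill the last stripe
    disks = [[] for _ in range(num_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        units = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        units.insert(parity_disk_for(stripe_no, num_disks), xor_blocks(units))
        for disk, block in zip(disks, units):
            disk.append(block)
    return disks


def rebuild(disks):
    """Recreate one failed disk (marked None) from the XOR of the survivors."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot recover %d failed disks" % len(missing))
    if not missing:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def read_raid5(disks, length):
    """Return the stored data, transparently rebuilding a single failed disk."""
    disks = rebuild(disks)
    out = bytearray()
    for stripe_no, blocks in enumerate(zip(*disks)):
        parity_at = parity_disk_for(stripe_no, len(disks))
        out += b"".join(b for d, b in enumerate(blocks) if d != parity_at)
    return bytes(out[:length])


def scrub(disks):
    """Stripe numbers whose blocks do not XOR to zero. Parity shows that a
    stripe is inconsistent, but not which disk holds the bad block."""
    return [s for s, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * data-bearing drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}   # level: (minimum disks, data disks)
    minimum, data_disks = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("RAID-%d cannot be built from %d disks" % (level, n))
    return smallest * data_disks


if __name__ == "__main__":
    data = make_sample()
    array = write_raid5(data)
    print("stripes per disk:", len(array[0]), "| inconsistent stripes:", scrub(array))
    for failed in range(NUM_DISKS):
        degraded = [None if i == failed else d for i, d in enumerate(array)]
        print("disk", failed, "lost, data intact:", read_raid5(degraded, len(data)) == data)
    print("RAID-5 capacity of 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

Losing any one disk leaves the data readable, while a second simultaneous failure raises an error, which is why the slides list dual parity (RAID-6) separately.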
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 124
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
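The parity and array-capacity points on the RAID-3 to RAID-6 slides above, worked through as an added Python example (not part of the original slides): it stripes the four illustrated file sizes over a four-disk, 16 kiB-stripe RAID 5 layout, drops one disk, and rebuilds it from XOR parity. The parity rotation order, the zero padding of the last stripe and all function names are assumptions of this sketch.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity (added example)."""

STRIPE_UNIT = 16 * 1024   # 16 kiB stripe size, as in the slide illustrations
N_DISKS = 4               # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe_no, n_disks=N_DISKS):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Split data into stripes; return one list of blocks per disk."""
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)          # data bytes held by one stripe
    for stripe_no, off in enumerate(range(0, len(data), per_stripe)):
        # Assumption: a short final stripe is padded with zero bytes.
        chunk = data[off:off + per_stripe].ljust(per_stripe, b"\0")
        units = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe_no, n_disks)
            disks[d].append(parity if is_parity else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    Data XOR parity is zero across a stripe, so the missing block (data or
    parity) is the XOR of the blocks that are still readable.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length, n_disks=N_DISKS):
    """Reassemble the original byte stream, skipping parity blocks."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe_no, n_disks):
                out += disks[d][stripe_no]
    return bytes(out[:length])


def demo(failed=1):
    """Return {file: (stripes used, rebuilt correctly)} after losing one disk."""
    results = {}
    # Constructed sample data using the four file sizes from the illustrations.
    for name, kib in (("red", 4), ("blue", 20), ("green", 100), ("magenta", 500)):
        data = bytes((i * 31 + kib) % 251 for i in range(kib * 1024))
        disks = raid5_write(data)
        lost = disks[failed]
        disks[failed] = rebuild_disk(disks, failed)
        ok = disks[failed] == lost and raid5_read(disks, len(data)) == data
        results[name] = (len(lost), ok)
    return results


if __name__ == "__main__":
    print(demo())
    # Mixed drive sizes in GB (constructed): RAID 5 vs RAID 6 usable capacity.
    print(usable_capacity([500, 500, 500, 400]),
          usable_capacity([500, 500, 500, 400], parity_drives=2))
```

With two disks missing from the same array the XOR has two unknowns and the rebuild is no longer possible, which is the gap the dual parity of RAID-6 covers.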
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Columns: Page No.; Change Comment; Date of Change; Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
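The striping, parity and array-capacity points from the RAID slides above, worked through as an added Python example (not part of the original deck). It stripes data over simulated disks with a rotating parity block, rebuilds one failed disk, and refuses a double failure. XOR as the parity function, the parity rotation order, the 16-byte block size and the sample data are assumptions of this example; the capacity formulas are the ones quoted on the slides.

```python
"""RAID-5 style striping with distributed XOR parity, and usable capacity.

Added illustration: XOR parity, the parity rotation order, the block size
and SAMPLE are assumptions of this example; the capacity formulas are the
ones quoted on the RAID level slides.
"""
from functools import reduce

# Constructed sample data standing in for a file written to the array.
SAMPLE = b"".join(b"txn-%04d;" % i for i in range(40))

# Minimum drive counts as listed on the slides (RAID-1 is exactly 2).
MIN_DISKS = {"0": 2, "1": 2, "3": 3, "4": 3, "5": 3, "6": 4}


def usable_capacity(level, drive_sizes):
    """Usable capacity in the same unit as drive_sizes."""
    if level not in MIN_DISKS:
        raise ValueError("level not covered by this example: " + level)
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DISKS[level] or (level == "1" and n != 2):
        raise ValueError("wrong number of drives for RAID-" + level)
    if level == "0":
        return smallest * n            # no redundancy: 100% if identical
    if level == "1":
        return smallest                # mirror pair: 50% if identical
    parity_drives = 2 if level == "6" else 1
    return smallest * (n - parity_drives)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe (rotates every stripe)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks; each disk is a list of blocks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk(s, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(data_blocks))
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None) from the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover two failed disks")
    if failed:
        survivors = [d for d in disks if d is not None]
        # XOR of all surviving blocks in a stripe gives the missing block,
        # whether that block held data or parity.
        disks[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping parity blocks."""
    n, out = len(disks), bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(s, n):
                out += disks[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block_size=16)
    array[1] = None                      # simulate one failed drive
    raid5_rebuild(array)
    print("recovered:", raid5_read(array, len(SAMPLE)) == SAMPLE)
    print("RAID-5, 4 x 500 GB usable:", usable_capacity("5", [500] * 4))
    print("RAID-6, 4 x 500 GB usable:", usable_capacity("6", [500] * 4))
```

A rebuild reads every surviving disk in full, which is why the slides pair single-parity levels with only "good" fault tolerance and reserve "very good" for mirroring and dual parity.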
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource: Outage Impact; Allowable Outage Time
Authentication Server: User could not access Inventory System; 8 hours
Database Server: User could not access Inventory System; 8 hours
E-mail Server: User could not send e-mail; 2 days
5 Desktop Computers: User could not access Inventory System; 8 hours
Hub: User could not access Inventory System; 8 hours
Network Cabling: User could not access Inventory System; 8 hours
Electric Power: User could not access Inventory System; 8 hours
Printer: User could not produce Inventory Reports; 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
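The PARITY slide and the "Array Capacity" lines on the RAID level slides, worked through as an added example that is not part of the original slides: block-level striping with distributed parity on a four-disk array, then rebuilding one failed disk from the survivors. The function names, the 4-byte block size, the parity rotation order and the sample data are assumptions made for illustration; XOR is used as the parity function, which the slides do not name.

```python
"""Block-level striping with distributed XOR parity (RAID-5 style) and a rebuild."""
from functools import reduce

# Minimum drive counts as listed on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slide formulas (all sizes in the same unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DRIVES:
        raise ValueError(f"no formula on the slides for RAID-{level}")
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drive(s)")
    if level == 0:
        return smallest * n        # striping only, no redundancy
    if level == 1:
        return smallest            # mirrored pair: 50% storage efficiency
    if level == 6:
        return smallest * (n - 2)  # dual distributed parity
    return smallest * (n - 1)      # RAID-3/4/5: one drive's worth of parity


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across the disks (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def stripe_raid5(data, n_disks, block_size):
    """Split data into stripes of n_disks-1 data blocks plus one parity block."""
    if n_disks < MIN_DRIVES[5]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        parity_disk = parity_disk_for(stripe, n_disks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(blocks))
            else:
                disks[disk].append(next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all blocks in a stripe is zero, so the missing block (data or
    parity) equals the XOR of the blocks that are still readable.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original byte string, skipping the parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample record, not data from the slides.
    payload = b"ledger: INV-0001 qty=42; INV-0002 qty=7"
    array = stripe_raid5(payload, n_disks=4, block_size=4)
    array[2] = None                        # simulate losing disk 2
    array[2] = rebuild_disk(array, failed=2)
    print(read_raid5(array, len(payload)) == payload)
    print(usable_capacity(5, [500, 500, 500, 500]))
```

A second simultaneous disk loss leaves two unknown blocks per stripe and only one parity equation, which is why the slides rate RAID-5 fault tolerance as good and reserve very good for the dual-parity RAID-6.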
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
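The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: block-level striping with a rotating XOR parity block, a read that survives one lost disk but refuses two, and the array-capacity formulas from the RAID level slides. The 4-byte stripe unit, the parity rotation order, the sample data and all function names are assumptions chosen for illustration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity (illustrative only)."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; assumption, kept tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity function: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, unit=STRIPE_UNIT):
    """Stripe `data` across n_disks. Returns (disks, len(data)); disks[d][s] is the
    block that disk d holds for stripe s."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * unit          # data bytes carried by one stripe
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        data_blocks = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk_for(s, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(data_blocks))
    return disks, len(data)


def raid5_read(disks, length, failed=frozenset()):
    """Read the data back without touching the disks listed in `failed`.
    One missing block per stripe is rebuilt as the XOR of the surviving blocks."""
    failed = set(failed)
    if len(failed) > 1:
        raise ValueError("RAID-5 tolerates one failed disk; %d are missing" % len(failed))
    n = len(disks)
    survivors = [d for d in range(n) if d not in failed]
    out = bytearray()
    for s in range(len(disks[survivors[0]])):
        row = {d: disks[d][s] for d in survivors}
        for d in failed:                       # at most one iteration
            row[d] = xor_blocks(list(row.values()))
        for d in range(n):
            if d != parity_disk_for(s, n):     # skip the parity block when reassembling
                out += row[d]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity as stated on the RAID level slides:
    size of smallest drive * number of drives that carry data."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    data_drives = {0: n, 1: 1, 3: n - 1, 4: n - 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_drives


if __name__ == "__main__":
    sample = b"constructed sample: ledger batch 0042"   # constructed input
    disks, length = raid5_write(sample, n_disks=4)
    for d, blocks in enumerate(disks):
        print("disk", d, [b.hex() for b in blocks])
    for lost in range(4):
        assert raid5_read(disks, length, failed={lost}) == sample
    print("4 x 500 GB in RAID-5:", usable_capacity(5, [500] * 4), "GB usable")
```

Losing a second disk before the first is rebuilt makes `raid5_read` raise, which is the case RAID-6's second parity block exists to cover.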
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as the
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as the cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Slide 128
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is the assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)   Likelihood of Threat Occurrence (B)   Vulnerability (C)   Measure of Risk (D = A+B+C)   Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
mainframe computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portions of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
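The parity and block-level striping ideas from the RAID slides above, as an added Python example that is not part of the original presentation: it stripes data over a four-disk RAID 5 layout with a 16 KiB stripe size, rebuilds any one failed disk from XOR parity, and applies the slides' array capacity formula. The function names, the parity rotation order and the byte patterns standing in for the 4, 20, 100 and 500 KiB files are assumptions made for illustration.

```python
STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations
N_DISKS = 4              # four-disk array, as in the slide illustrations


def xor_blocks(blocks):
    """Parity of equally sized blocks: byte-wise XOR, done on big integers."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID 3/4/5 figure, parity_drives=2 the RAID 6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe, n_disks=N_DISKS):
    """Disk holding parity for a stripe (assumed rotation; real controllers differ)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Stripe data across n_disks with distributed parity; returns per-disk block lists."""
    per_stripe = (n_disks - 1) * unit
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the final stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity_at = parity_disk(stripe, n_disks)
        remaining = iter(chunks)
        for disk in range(n_disks):
            if disk == parity_at:
                disks[disk].append(xor_blocks(chunks))
            else:
                disks[disk].append(next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks only."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_raid5(disks, length, n_disks=N_DISKS):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_at = parity_disk(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_at:
                out += disks[disk][stripe]
    return bytes(out[:length])


def make_volume(sizes_kib=(4, 20, 100, 500)):
    """Constructed sample data: one deterministic byte pattern per file size."""
    return b"".join(
        bytes((i * 31 + k) % 251 for i in range(size * 1024))
        for k, size in enumerate(sizes_kib)
    )


if __name__ == "__main__":
    volume = make_volume()
    disks = write_raid5(volume)
    print("stripes per disk:", len(disks[0]))
    for failed in range(N_DISKS):
        degraded = [None if i == failed else d for i, d in enumerate(disks)]
        ok = rebuild_disk(degraded, failed) == disks[failed]
        print(f"disk {failed} lost, rebuilt from parity: {ok}")
    print("data intact:", read_raid5(disks, len(volume)) == volume)
    print("RAID 5 capacity, 4 x 500 GB:", array_capacity([500] * 4), "GB")
    print("RAID 6 capacity, 4 x 500 GB:", array_capacity([500] * 4, 2), "GB")
```

Losing a second disk before the rebuild finishes leaves too few blocks per stripe to XOR, which is why the slides rate RAID 5 fault tolerance as good rather than very good.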
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 129
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost / Hardware Equipment / Telecommunication / Setup Time / Location
Cold Site: Low / None / None / Long / Fixed
Warm Site: Medium / Partial / Partial/Full / Medium / Fixed
Hot Site: Medium/High / Full / Full / Short / Fixed
Mobile Site: High / Dependent / Dependent / Dependent / Not Fixed
Mirrored Site: High / Full / Full / None / Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.
Change Comment
Date of Change
Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
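The parity and RAID-5 slides describe redundancy information calculated from the data values and block-level striping with distributed parity. The following Python model is an added example, not part of the original slides: it stripes a buffer across disks with rotating XOR parity, rebuilds one failed disk, and applies the array capacity formula from the slides. The 4-byte block size, the function names and the sample payload are assumptions made for illustration.

```python
"""RAID-5 style block striping with distributed XOR parity (teaching model)."""
from functools import reduce

BLOCK = 4  # bytes per block; constructed small value so stripes are easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6.
    """
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("not enough drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def stripe_write(data, n_disks):
    """Write data as stripes of (n_disks - 1) data blocks plus one parity block.

    The parity block moves to a different disk on each stripe, which is the
    'distributed parity' of RAID-5. Returns one list of blocks per disk.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = BLOCK * (n_disks - 1)
    data = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * BLOCK: off + (i + 1) * BLOCK]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - s) % n_disks
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_disk
                            else next(remaining))
    return disks


def stripe_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n - 1 - s) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][s]
    return bytes(out[:length])


def rebuild(disks):
    """Recreate the one failed disk (marked None) by XOR-ing the survivors.

    Within a stripe, data blocks XOR parity block equals zero, so any single
    missing block is the XOR of all the others. Two failures are unrecoverable.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise RuntimeError("single parity recovers exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    repaired = list(disks)
    repaired[failed[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def demo():
    """Lose one of four disks, rebuild it, and confirm the data is intact."""
    payload = b"GL-2024-Q4 ledger: constructed sample record"  # constructed input
    disks = stripe_write(payload, 4)
    disks[2] = None  # simulate a single drive failure
    return stripe_read(rebuild(disks), len(payload)) == payload


if __name__ == "__main__":
    print("rebuild after one failure ok:", demo())
    print("4 x 500 GB, single parity:", usable_capacity([500] * 4), "GB usable")
```
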
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 130
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
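The step from the allowable outage times slide to the recovery priorities above can be worked through in code. This is an added example, not part of the original slides: the outage figures are the ones on the slides, while the dependency map, the priority bands (8 hours or less is High, up to 4 days is Medium) and all names are assumptions made for illustration.

```python
"""Derive allowable outage times and recovery priorities per resource (added example)."""

HOURS_PER_DAY = 24

# Tolerance per business function, using the figures shown on the slides.
SERVICE_TOLERANCE_HOURS = {
    "Inventory System access": 8,
    "E-mail": 2 * HOURS_PER_DAY,
    "Inventory Reports": 4 * HOURS_PER_DAY,
}

# Constructed dependency map (assumption): which resources each function needs.
SERVICE_DEPENDS_ON = {
    "Inventory System access": [
        "Authentication Server", "Database Server", "5 Desktop Computers",
        "Hub", "Network Cabling", "Electric Power",
    ],
    "E-mail": ["E-mail Server", "Hub", "Network Cabling", "Electric Power"],
    "Inventory Reports": ["Printer", "Database Server"],
}

# Full inventory, including resources that no critical function depends on.
INVENTORY = [
    "Authentication Server", "Database Server", "E-mail Server",
    "5 Desktop Computers", "Hub", "Network Cabling", "Electric Power",
    "Printer", "Remaining Desktop Computers (45)", "Remaining Hub (5)",
]

# Assumed bands: (upper limit in hours, label). Anything beyond is Low.
PRIORITY_BANDS = [(8, "High"), (4 * HOURS_PER_DAY, "Medium")]


def allowable_outage(inventory, tolerance, depends_on):
    """A resource inherits the tightest tolerance of any function that needs it.

    Resources that support no listed function get None (no stated limit).
    """
    result = {name: None for name in inventory}
    for service, resources in depends_on.items():
        if service not in tolerance:
            raise ValueError(f"no tolerance recorded for {service!r}")
        limit = tolerance[service]
        for name in resources:
            if name not in result:
                raise ValueError(f"{name!r} is not in the asset inventory")
            if result[name] is None or limit < result[name]:
                result[name] = limit
    return result


def priority_for(hours):
    """Map an allowable outage time to a recovery priority label."""
    if hours is None:
        return "Low"
    for limit, label in PRIORITY_BANDS:
        if hours <= limit:
            return label
    return "Low"


def recovery_plan(inventory, tolerance, depends_on):
    """(resource, allowable hours, priority), tightest deadline first."""
    outage = allowable_outage(inventory, tolerance, depends_on)
    rows = [(name, hours, priority_for(hours)) for name, hours in outage.items()]
    return sorted(rows, key=lambda r: (r[1] is None, r[1] or 0, r[0]))


if __name__ == "__main__":
    for name, hours, prio in recovery_plan(
            INVENTORY, SERVICE_TOLERANCE_HOURS, SERVICE_DEPENDS_ON):
        shown = "none stated" if hours is None else f"{hours} h"
        print(f"{name:35} {shown:12} {prio}")
```

Shared infrastructure such as the hub, cabling and power ends up at 8 hours because the tightest dependent function sets the deadline, which is why those items sit beside the servers in the High band.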
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
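Added example (not part of the original slides): the PARITY slide and the RAID-3 to RAID-6 slides above describe redundancy calculated from the data and give the array capacity formulas. The Python sketch below stripes a constructed payload across four disks with rotating XOR parity, rebuilds a lost disk, and applies the slides' capacity formulas. The function names, the parity rotation order and the RAID-0 rule for unequal drives are assumptions made for this illustration.

```python
"""RAID-5 sketch: block striping with distributed XOR parity, plus the
capacity formulas quoted on the RAID level slides (illustrative only)."""
from functools import reduce

# Constructed sample payload (not real data): 20 fixed-width records.
SAMPLE = b"".join(b"txn-%04d;amt=%06d\n" % (i, i * 37) for i in range(20))


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk that holds parity for a stripe. The rotation order is an
    assumption; real controllers use several different layouts."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Return n_disks lists of blocks. Every stripe carries n_disks-1 data
    blocks and one parity block whose position rotates per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk(stripe, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed disk (marked None). Each missing block is
    the XOR of the surviving blocks of its stripe, whether it held data or
    parity. Two failed disks cannot be recovered with single parity."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("RAID-5 tolerates only one failed disk")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the payload by skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - 1) for
    RAID 3/4/5, * (drives - 2) for RAID 6, half of a two-disk RAID 1."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 as described uses exactly 2 hard disks")
        return smallest
    # level: (minimum disks, drives' worth of space used for redundancy)
    # RAID-0 with unequal drives is assumed to use smallest * n.
    rules = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}
    min_disks, overhead = rules[level]
    if n < min_disks:
        raise ValueError(f"RAID-{level} needs at least {min_disks} disks")
    return smallest * (n - overhead)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block_size=16)
    damaged = [None if i == 2 else d for i, d in enumerate(array)]
    restored = raid5_rebuild(damaged)
    print("payload intact after rebuild:",
          raid5_read(restored, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, drives 500/500/400/500:",
          usable_capacity(5, [500, 500, 400, 500]))
```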
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 131
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujrat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization
and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                         | Recovery Priority
Authentication Server            | High
Database Server                  | High
5 Desktop Computers              | High
1 Hub                            | High
E-mail Server                    | Medium
Printer                          | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5)                | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site          | Cost        | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site     | Low         | None               | None              | Long       | Fixed
Warm Site     | Medium      | Partial            | Partial/Full      | Medium     | Fixed
Hot Site      | Medium/High | Full               | Full              | Short      | Fixed
Mobile Site   | High        | Dependent          | Dependent         | Dependent  | Not Fixed
Mirrored Site | High        | Full               | Full              | None       | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique : striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses for applications requiring high fault tolerance
e.g. Accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
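The parity technique and the RAID-5 layout described above, as an added example that is not part of the original slides: data is striped in blocks with a rotating XOR parity block, a single failed drive is rebuilt from the survivors, and usable capacity follows the array-capacity formulas on the RAID level slides. Function names, the parity rotation order, the block size and the sample data are assumptions made for this illustration.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity.

Added illustration, not code from the slides. Function names, the parity
rotation order, the block size and the sample data are assumptions.
"""
from functools import reduce


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe_index, n_drives):
    """Drive holding parity for a stripe; rotating it distributes parity."""
    return (n_drives - 1 - stripe_index) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data across n_drives; each stripe gets one parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // stripe_bytes):
        chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        data_iter = iter(blocks)
        p = parity_drive(s, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_iter))
    return drives


def raid5_read(drives, n_bytes):
    """Reassemble the data blocks in order, skipping each stripe's parity."""
    out = bytearray()
    for s in range(len(drives[0])):
        p = parity_drive(s, len(drives))
        for d, drive in enumerate(drives):
            if d != p:
                out += drive[s]
    return bytes(out[:n_bytes])


def raid5_rebuild(drives, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [drive for d, drive in enumerate(drives) if d != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def array_capacity(level, drive_sizes):
    """Usable capacity per the slide formulas (sizes in any one unit).

    For RAID-0 and RAID-1 with unequal drives, sizing by the smallest
    drive is an assumption; the slides give only the identical-drive case.
    """
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n          # no redundancy, 100% efficiency
    if level == 1:
        return smallest              # mirroring, 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def simulate_single_failure(data, n_drives=4, block_size=4):
    """Write, lose each drive in turn, rebuild it, and read the data back."""
    drives = raid5_write(data, n_drives, block_size)
    for failed in range(n_drives):
        degraded = list(drives)
        degraded[failed] = None                      # the drive is gone
        degraded[failed] = raid5_rebuild(degraded, failed)
        if raid5_read(degraded, len(data)) != data:
            return False
    return True


if __name__ == "__main__":
    sample = b"ledger entry 0042: constructed sample data"  # constructed input
    print("survives any single-drive failure:", simulate_single_failure(sample))
    print("RAID-5, 4 x 500 GB usable:", array_capacity(5, [500] * 4), "GB")
```
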
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource              | Outage Impact                                | Allowable Outage Time
Authentication Server | User could not access Inventory System       | 8 hours
Database Server       | User could not access Inventory System       | 8 hours
E-mail Server         | User could not send e-mail                   | 2 days
5 Desktop Computers   | User could not access Inventory System       | 8 hours
Hub                   | User could not access Inventory System       | 8 hours
Network Cabling       | User could not access Inventory System       | 8 hours
Electric Power        | User could not access Inventory System       | 8 hours
Printer               | User could not produce Inventory Reports     | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
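Added example (not part of the original slides): a small Python model of RAID-5 as described above, block-level striping with distributed parity, using XOR as the parity calculation, plus the slides' array-capacity formula. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk holding the parity block of a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe gets one parity block on a rotating disk.

    Returns a list of disks, each a list of blocks (one block per stripe).
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk(stripe, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def recover(disks):
    """Return a healthy array; failed disks are marked as None.

    Single parity tolerates exactly one failed disk, so two failures are fatal.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot rebuild more than one failed disk")
    healthy = list(disks)
    if failed:
        healthy[failed[0]] = rebuild_disk(disks, failed[0])
    return healthy


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 the RAID-6 figure.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    # Constructed sample data, not taken from the slides.
    sample = b"constructed sample: general ledger batch 0042"
    array = raid5_write(sample, n_disks=4, block_size=8)
    array[2] = None                      # simulate one failed disk
    restored = recover(array)
    print(raid5_read(restored, len(sample)) == sample)
    print(array_capacity([500, 500, 500, 500]), "GB usable of 2000 GB raw")
```

Rebuilding reads every surviving disk in full, which is why a second failure during the rebuild window loses the array and why RAID does not replace the backup strategies listed later in the deck.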
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & striping without parity
Most popular of the multiple RAID levels
Minimum 4 hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values as extracted (row alignment not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology Infrastructure Library
A collection of best practices in IT service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control objectives considered to be good or best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 but not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                Allowable Outage Time
Authentication Server   User could not access Inventory System       8 hours
Database Server         User could not access Inventory System       8 hours
E-mail Server           User could not send e-mail                   2 days
5 Desktop Computers     User could not access Inventory System       8 hours
Hub                     User could not access Inventory System       8 hours
Network Cabling         User could not access Inventory System       8 hours
Electric Power          User could not access Inventory System       8 hours
Printer                 User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequently are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
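The parity and striping slides above, worked through as an added example (not part of the original slide deck): a small Python model of block-level striping with distributed parity, using XOR as the parity function as RAID 5 does, that rebuilds one failed disk from the survivors and applies the capacity formula from the RAID-3/4/5/6 slides. The 16-byte block size (the slides' illustrations use 16 kiB), the function names and the sample data are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 16  # bytes per block; assumption (scaled down from the slides' 16 kiB)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def rebuild(disks):
    """Rebuild a failed disk (marked None) as the XOR of all surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover more than one failed disk")
    if failed:
        survivors = [d for d in disks if d is not None]
        disks[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks


def read_raid5(disks, length):
    """Reassemble the data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample ledger record " * 6  # constructed test data
    array = write_raid5(sample, 4)
    array[1] = None                      # simulate losing one drive
    restored = read_raid5(rebuild(array), len(sample))
    print("data intact after rebuild:", restored == sample)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

A second simultaneous failure raises an error in `rebuild`, which is the limit the RAID-6 slide addresses with dual parity.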
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 135
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be based on
their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
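The link between the "Outage Impact & Allowable Outage Times" slide and the recovery priorities on this slide can be made mechanical. The following is an added example, not part of the original slides: it derives the priority tier and recovery order from each resource's allowable outage time, then checks recovery times measured in a plan test against those limits. The tier cut-offs, the function names and the sample test timings are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Rows from the "Outage Impact & Allowable Outage Times" slide:
# (resource, outage impact, allowable outage time).
BIA_ROWS = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]

# ASSUMPTION: the slides give no numeric cut-offs for the tiers. These two
# values are chosen so the result agrees with the recovery priorities slide.
HIGH_MAX_HOURS = 8
MEDIUM_MAX_HOURS = 4 * 24

UNIT_HOURS = {"hour": 1, "day": 24}


@dataclass(frozen=True)
class Resource:
    name: str
    impact: str
    allowable_hours: int
    priority: str


def parse_outage(text):
    """Convert '8 hours' or '2 days' into a number of hours."""
    match = re.fullmatch(r"\s*(\d+)\s*(hour|day)s?\s*", text.lower())
    if match is None:
        raise ValueError(f"unrecognised allowable outage time: {text!r}")
    return int(match.group(1)) * UNIT_HOURS[match.group(2)]


def priority_for(hours):
    """Map an allowable outage time in hours to a recovery priority tier."""
    if hours <= HIGH_MAX_HOURS:
        return "High"
    if hours <= MEDIUM_MAX_HOURS:
        return "Medium"
    return "Low"


def build_plan(rows):
    """Return resources ordered by allowable outage time, shortest first.

    sorted() is stable, so resources with equal tolerance keep BIA order.
    """
    resources = []
    for name, impact, outage in rows:
        hours = parse_outage(outage)
        resources.append(Resource(name, impact, hours, priority_for(hours)))
    return sorted(resources, key=lambda r: r.allowable_hours)


def review_results(plan, measured_hours):
    """Compare recovery times measured in a plan test with the BIA limits.

    Returns (resource, finding) pairs. A resource with no measurement is a
    finding too, because its recoverability was never demonstrated.
    """
    findings = []
    for res in plan:
        measured = measured_hours.get(res.name)
        if measured is None:
            findings.append((res.name, "not tested"))
        elif measured > res.allowable_hours:
            over = measured - res.allowable_hours
            findings.append((res.name, f"exceeded allowable outage by {over} h"))
    return findings


# Constructed sample: hours taken to restore each resource during a test.
SAMPLE_TEST_HOURS = {
    "Authentication Server": 6,
    "Database Server": 11,
    "E-mail Server": 30,
    "5 Desktop Computers": 4,
    "Hub": 2,
    "Network Cabling": 8,
    "Electric Power": 1,
}

if __name__ == "__main__":
    plan = build_plan(BIA_ROWS)
    for res in plan:
        print(f"{res.priority:<6} {res.allowable_hours:>3} h  {res.name}")
    for name, finding in review_results(plan, SAMPLE_TEST_HOURS):
        print(f"FINDING: {name}: {finding}")
```

Resources that appear only in the priority list, such as the remaining desktops and hubs, have no allowable outage time on the BIA slide and are therefore not tiered by this sketch.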
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other
financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
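The parity and RAID-5 slides above, as an added worked example that is not part of the original deck: a small Python model of block-level striping with distributed parity that rebuilds one failed disk by XOR, refuses to rebuild two, and flags a stripe whose parity no longer matches. The 4-byte stripe unit, the function names and the sample record are assumptions made for the illustration; usable_capacity applies the slides' capacity figures for RAID-0, 1, 5 and 6.

```python
"""RAID-5 style striping with distributed XOR parity (illustrative model)."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; assumed tiny value so the layout is easy to inspect


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Parity moves one disk to the left per stripe, so no single disk holds it all."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Return n_disks lists of blocks: the data plus one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * STRIPE_UNIT
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity, data_blocks = xor_blocks(blocks), iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(data_blocks))
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(len(disks)):
            if disk != parity_disk_for(stripe, len(disks)):
                out += disks[disk][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of the lost disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def recover(disks, length):
    """Read an array in which failed disks are represented as None."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError(f"single parity cannot rebuild {len(failed)} failed disks")
    if failed:
        disks = list(disks)
        disks[failed[0]] = rebuild_disk(disks, failed[0])
    return read_raid5(disks, length)


def scrub(disks):
    """Return the stripes whose data and parity blocks no longer XOR to zero."""
    return [s for s, stripe in enumerate(zip(*disks)) if any(xor_blocks(stripe))]


def usable_capacity(level, drive_sizes):
    """Usable capacity per the slides; mixed sizes are limited by the smallest drive
    (for RAID-0 and RAID-1 that limit is an assumption, the slides give percentages)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum_disks = {0: 2, 1: 2, 5: 3, 6: 4}[level]
    if n < minimum_disks or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    data_disks = {0: n, 1: 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_disks


if __name__ == "__main__":
    record = b"INV-0001;qty=40;loc=WH2;upd=2024-03-31"  # constructed sample data
    array = write_raid5(record, 4)
    array[2] = None                                      # simulate one failed disk
    print(recover(array, len(record)))
    print(usable_capacity(5, [500, 500, 500, 400]), "GB usable on RAID-5")
```

A mismatch reported by scrub shows that a stripe is inconsistent but not which block is wrong, so single parity covers the loss of a disk rather than silent corruption of one.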
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tel. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 136
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset?
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does the environment support the control?
How long will the control take to
implement?
Is the control readily available?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls?
Are upgrades readily available?
Is equipment supported by local
engineers or suppliers?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
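The parity and array-capacity points from the RAID slides above, as an added Python example (not part of the original slides): it stripes a constructed payload in blocks with rotating parity as described for RAID-5, rebuilds one failed disk from the survivors, and computes usable capacity with the slides' "smallest drive * (no. of drives - k)" formulas. Function names, block size and the sample payload are assumptions; byte-wise XOR is used as the parity calculation, which the slides do not name.

```python
from functools import reduce

# Constructed sample payload; not taken from the slides.
SAMPLE = b"ledger-2024: debit 1200.00 / credit 1200.00 / balance 0.00"

# level -> (minimum disks, drives' worth of space given up to redundancy),
# as listed on the RAID-0/3/4/5/6 slides. RAID-2 and RAID-7 are left out.
LEVELS = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def array_capacity(level, drive_sizes):
    """Usable capacity: size of smallest drive * (no. of drives - k)."""
    if level == 1:
        if len(drive_sizes) != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 disks")
        return min(drive_sizes)  # 50% efficiency when drives are identical
    min_disks, lost = LEVELS[level]
    if len(drive_sizes) < min_disks:
        raise ValueError(f"RAID-{level} needs at least {min_disks} disks")
    return min(drive_sizes) * (len(drive_sizes) - lost)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_position(stripe_no, n_disks):
    """Disk index holding parity for a stripe; rotates so parity is distributed."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity; returns one block list per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = block_size * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        blocks.insert(parity_position(s, n_disks), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks


def raid5_rebuild(disks):
    """Recreate a single failed disk (marked None) by XOR-ing the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed disk")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original data, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s, stripe in enumerate(zip(*disks)):
        skip = parity_position(s, n)
        out += b"".join(b for i, b in enumerate(stripe) if i != skip)
    return bytes(out[:length])


def demo():
    """Lose one of four disks, rebuild it, and confirm the data is intact."""
    disks = raid5_write(SAMPLE, n_disks=4, block_size=8)
    disks[2] = None  # simulated drive failure
    return raid5_read(raid5_rebuild(disks), len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("recovered after one disk loss:", demo())
    print("RAID-5, 4 x 500 GB usable:", array_capacity(5, [500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", array_capacity(6, [500] * 4), "GB")
```

Marking two disks as failed makes `raid5_rebuild` raise, which is the gap the second parity block of RAID-6 closes at the cost of one more drive of capacity.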
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to multiple server sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 137
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated
people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                         | Recovery Priority
Authentication Server            | High
Database Server                  | High
5 Desktop Computers              | High
1 Hub                            | High
E-mail Server                    | Medium
Printer                          | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5)                | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site          | Cost        | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site     | Low         | None               | None              | Long       | Fixed
Warm Site     | Medium      | Partial            | Partial/Full      | Medium     | Fixed
Hot Site      | Medium/High | Full               | Full              | Short      | Fixed
Mobile Site   | High        | Dependent          | Dependent         | Dependent  | Not Fixed
Mirrored Site | High        | Full               | Full              | None       | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: Good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 2)
Fault tolerance: Very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
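The RAID-4 and RAID-5 slides above describe block-level striping with dedicated versus distributed parity on a four-disk array with a 16 kiB stripe size. The following added example (not part of the original slides) models both layouts, shows where the parity blocks land, and rebuilds a failed disk from the survivors. The RAID 5 rotation order, the file contents and all function names are assumptions made for illustration; RAID 6's second parity is reflected only in the capacity formula.

```python
# Added example (not from the slides): four-disk RAID 4 / RAID 5 striping with
# XOR parity, rebuild of one failed disk, and the slides' capacity formulas.
KIB = 1024
STRIPE_UNIT = 16 * KIB  # stripe size used in the slides' illustrations
PARITY_DRIVES = {3: 1, 4: 1, 5: 1, 6: 2}  # capacity given up to parity, in drives
MIN_DRIVES = {3: 3, 4: 3, 5: 3, 6: 4}     # minimum disks stated on the slides


def array_capacity(level, drive_sizes):
    """Usable capacity: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < MIN_DRIVES[level]:
        raise ValueError(f"RAID-{level} needs at least {MIN_DRIVES[level]} disks")
    return min(drive_sizes) * (len(drive_sizes) - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the parity operation."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(level, row, n_disks):
    """Index of the disk that holds parity for stripe row `row`."""
    if level == 4:
        return n_disks - 1                    # dedicated parity disk
    if level == 5:
        return (n_disks - 1 - row) % n_disks  # assumed rotation order
    raise ValueError("only RAID 4 and RAID 5 layouts are modelled")


def build_array(level, data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe `data` over n_disks; each disk is a list of unit-sized blocks."""
    row_bytes = (n_disks - 1) * unit
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        p, data_iter = parity_disk(level, row, n_disks), iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_iter))
    return disks


def rebuild(disks):
    """Return the array with its single failed disk (None) recomputed."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    repaired = list(disks)
    repaired[failed[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def read_data(level, disks, length):
    """Reassemble the stored bytes, skipping the parity block of each row."""
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(level, row, len(disks))
        for d, disk in enumerate(disks):
            if d != p:
                out += disk[row]
    return bytes(out[:length])


def parity_blocks_per_disk(level, rows, n_disks=4):
    """How many parity blocks each disk holds: dedicated vs distributed."""
    counts = [0] * n_disks
    for row in range(rows):
        counts[parity_disk(level, row, n_disks)] += 1
    return counts


def sample_files():
    """Constructed contents for the slides' 4, 20, 100 and 500 kiB files."""
    return b"".join(bytes((j * 31 + i) % 251 for j in range(size * KIB))
                    for i, size in enumerate((4, 20, 100, 500)))


if __name__ == "__main__":
    data = sample_files()
    for level in (4, 5):
        disks = build_array(level, data)
        damaged = list(disks)
        damaged[1] = None  # simulate loss of the second drive
        ok = read_data(level, rebuild(damaged), len(data)) == data
        print(f"RAID-{level}: rows={len(disks[0])} "
              f"parity blocks per disk={parity_blocks_per_disk(level, len(disks[0]))} "
              f"rebuild ok={ok}")
    print("RAID-5 capacity, drives of 500/500/400/500 GB:",
          array_capacity(5, [500, 500, 400, 500]), "GB")
```

Unlike the slides' illustrations, the four files are stored back to back as one byte stream. Losing a second disk before the rebuild finishes leaves nothing to XOR against, which is why `rebuild` refuses that case.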
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: Very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 hard disks
Availability: Very good for RAID-01, excellent for RAID-10
Random read performance: Very good
Random write performance: Good
Fault tolerance: Very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interviewing personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...
Examples of Asset
Information: data files, user manuals etc.
Software: application and system software etc.
Services: communications, technical etc.
Company image and reputation
Examples of Asset
Documents: contracts, guidelines etc.
Hardware: computer, magnetic media etc.
People: personnel, customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low: Less likely to occur
Medium: Some history of occurrence
High: Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to:
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset?
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control?
How long will the control take to implement?
Is the control readily available?
Control - Servicing
Are skills available to manage controls?
Are upgrades readily available?
Is equipment supported by local engineers or suppliers?
Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets
Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework:
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening?
What can be done on happening?
What can be done to lessen their likelihood?
What can be done to prepare for these events?
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
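The PARITY and RAID-5 slides above, worked through as an added example (not part of the original deck): data is striped in blocks across four disks with a rotating XOR parity block, one disk is lost, and its contents are recomputed from the survivors. The function names, the 8-byte block size, the parity rotation order and the sample payload are assumptions made for illustration; the minimum-disk and capacity rules are the ones stated on the RAID LEVELS slides.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks together, byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Disk that holds parity for a stripe row. Rotating it per row is what
    makes the parity 'distributed' (RAID-5) rather than 'dedicated' (RAID-3/4)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks=4, block_size=8):
    """Return one list of blocks per disk: block-level striping plus parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = n_disks - 1                       # data blocks in each stripe row
    row_bytes = per_row * block_size
    padded = data + bytes(-len(data) % row_bytes)   # zero-pad the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * block_size:start + (i + 1) * block_size]
                  for i in range(per_row)]
        parity = xor_blocks(chunks)
        data_iter = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_iter))
    return disks


def raid5_rebuild(disks):
    """Rebuild a failed disk (marked None) from the surviving disks.

    In every row the XOR of all blocks, parity included, is zero, so the
    missing block equals the XOR of the remaining ones."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("RAID-5 tolerates only one failed disk; restore from backup")
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks([d[row] for d in survivors])
               for row in range(len(survivors[0]))]
    return [rebuilt if d is None else d for d in disks]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each row's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


# level: (minimum disks, drives' worth of space given up to redundancy)
_RULES = {"0": (2, 0), "3": (3, 1), "4": (3, 1), "5": (3, 1), "6": (4, 2)}


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: size of smallest drive * (drives - overhead)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "1":
        if n != 2:
            raise ValueError("RAID-1 as described uses exactly 2 hard disks")
        return smallest                          # 50% storage efficiency
    min_disks, overhead = _RULES[level]
    if n < min_disks:
        raise ValueError(f"RAID-{level} needs a minimum of {min_disks} hard disks")
    return smallest * (n - overhead)


if __name__ == "__main__":
    payload = b"constructed sample ledger records for the RAID-5 example"
    array = raid5_write(payload)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]  # disk 2 fails
    print(raid5_read(raid5_rebuild(degraded), len(payload)) == payload)
    print(usable_capacity("5", [500, 500, 500, 500]), "GB usable on 4 x 500 GB")
```

Losing a second disk before the rebuild finishes raises an error here, which is the point at which the backup and off-site media arrangements covered earlier in the deck become the only recovery path.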
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 139
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection
and continuity of operations for health
care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
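The parity and RAID-5 slides above, worked through as an added Python example (not part of the original deck): data is striped across drives with rotating XOR parity, read back through a single-drive failure, rebuilt, and the usable capacity is computed from the formulas on the RAID level slides. The class and function names, the 4-byte block size, the in-memory "drives" and the sample data are assumptions constructed for illustration.

```python
from functools import reduce
from operator import xor

# Minimum drive counts stated on the slides for each RAID level.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity per the slide formulas (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DRIVES:
        raise ValueError(f"no capacity formula on the slides for RAID-{level}")
    if n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n      # assumption: unequal drives limited by smallest
    if level == 1:
        return smallest          # mirroring: 50% storage efficiency
    parity_drives = 2 if level == 6 else 1
    return smallest * (n - parity_drives)


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


class Raid5Array:
    """Toy in-memory RAID-5: block-level striping with distributed parity."""

    def __init__(self, n_drives, block_size=4):
        if n_drives < MIN_DRIVES[5]:
            raise ValueError("RAID-5 needs at least 3 drives")
        self.n, self.block_size = n_drives, block_size
        self.drives = [[] for _ in range(n_drives)]   # None marks a failed drive
        self.stripes = self.length = 0

    def parity_drive(self, stripe):
        """Parity rotates across drives so no single drive holds all of it."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        stripe_bytes = self.block_size * (self.n - 1)
        padded = data + b"\x00" * (-len(data) % stripe_bytes)
        self.drives = [[] for _ in range(self.n)]
        self.length, self.stripes = len(data), len(padded) // stripe_bytes
        for s in range(self.stripes):
            chunk = padded[s * stripe_bytes:(s + 1) * stripe_bytes]
            blocks = [chunk[i:i + self.block_size]
                      for i in range(0, stripe_bytes, self.block_size)]
            parity, data_blocks = xor_blocks(blocks), iter(blocks)
            for d in range(self.n):
                self.drives[d].append(
                    parity if d == self.parity_drive(s) else next(data_blocks))

    def fail(self, drive):
        self.drives[drive] = None     # simulate total loss of one disk

    def _stripe(self, s):
        """Blocks of stripe s, with a single missing block rebuilt by XOR."""
        missing = [d for d, drv in enumerate(self.drives) if drv is None]
        if len(missing) > 1:
            raise OSError("two drives lost: RAID-5 cannot recover the data")
        row = [None if drv is None else drv[s] for drv in self.drives]
        if missing:
            row[missing[0]] = xor_blocks([b for b in row if b is not None])
        return row

    def read(self):
        out = bytearray()
        for s in range(self.stripes):
            row = self._stripe(s)
            out += b"".join(b for d, b in enumerate(row)
                            if d != self.parity_drive(s))
        return bytes(out[:self.length])

    def rebuild(self, drive):
        """Regenerate a replaced drive from the surviving drives."""
        self.drives[drive] = [self._stripe(s)[drive] for s in range(self.stripes)]


def demo():
    data = b"Restore critical system off-site within 48 hours"  # constructed sample
    array = Raid5Array(n_drives=4)
    array.write(data)
    array.fail(2)                      # first disk failure: degraded read
    degraded_ok = array.read() == data
    array.rebuild(2)                   # replacement disk regenerated from parity
    array.fail(0)                      # a later, separate failure
    rebuilt_ok = array.read() == data
    return degraded_ok, rebuilt_ok


if __name__ == "__main__":
    print(demo(), usable_capacity(5, [500, 500, 500, 500]))
```

A second failure before the rebuild completes raises an error instead of returning data, which is the gap that the dual parity of RAID-6 and off-array backups are meant to cover.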
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit

RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance

RAID
Data redundancy techniques
Mirroring
Parity
Striping

RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one

RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive

RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers

RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks

RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values

RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data

RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.

RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data

RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.

RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems

RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance

RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).

RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used

RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).

RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive * (no. of drives - 1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems

RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
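
Added example (not part of the original slides): a small in-memory model of the RAID-5 scheme above, showing block striping with rotating parity, rebuilding one failed disk from the survivors, and the failure case where two disks are lost. It assumes parity is the byte-wise XOR of the data blocks in a stripe (the slides only say parity is calculated from the data values); the function names, the rotation order and the sample payload are constructed for illustration.

```python
"""RAID-5 style block striping with distributed parity, modelled in memory."""
from functools import reduce
from operator import xor

# Constructed sample payload standing in for application data.
SAMPLE = b"constructed ledger rows for a RAID-5 rebuild walk-through"


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (assumed parity function)."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Index of the disk holding parity for a stripe; it rotates per stripe."""
    return (n_disks - 1 - stripe) % n_disks


def build_array(data, n_disks, block_size):
    """Stripe data over n_disks; each stripe has n_disks-1 data blocks + parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    # Zero-pad so the last stripe is full; read_back() trims the padding.
    padded = data + bytes(-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), stripe_bytes)):
        chunk = padded[start:start + stripe_bytes]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, stripe_bytes, block_size)]
        data_blocks = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild(disks):
    """Return the array with a single failed disk (marked None) regenerated.

    XOR of all surviving blocks in a stripe yields the missing block,
    whether that block held data or parity. Two failures are unrecoverable.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover %d disks" % len(failed))
    repaired = list(disks)
    if failed:
        survivors = [d for d in disks if d is not None]
        repaired[failed[0]] = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return repaired


def read_back(disks, length):
    """Reassemble the original byte stream, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = build_array(SAMPLE, n_disks=4, block_size=4)
    array[2] = None                      # simulate one failed disk
    print(read_back(rebuild(array), len(SAMPLE)))
    print(usable_capacity([500, 500, 400, 500]), "GB usable on RAID-5")
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the capacity formula on the RAID-6 slide.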
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high

RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.

RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high

MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance

RAID 0+1

RAID 10

Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT

Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems

Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre

Remote Journaling
Parallel processing of transactions to an alternate site

Database shadowing
Duplicating the database sites to multiple servers

Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images

NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology

STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology

STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device

Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down

Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits

IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter

Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents

Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams

Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports

Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules

Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media

Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls

Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements

Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation

Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures

Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities

Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation

Examples of Asset
Documents
contracts
guidelines etc.
Hardware
computer
magnetic media etc.
People
personnel
customers etc.

Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation

Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions

Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware

What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets

Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset
What is the loss to business if asset is not there
Can I continue operations otherwise

Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days

System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low

System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored

Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low

Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities

Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors

Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire

Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning

Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency

Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence

Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency

Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize

Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology

Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective

Control Selection
Which Control?

Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements

Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls

Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available

Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers

Controls
The policies, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected

Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where possible
Alternate power supply
DG Set
UPS/voltage regulators

Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS facility
Wiring in closets

Water Damage
IS facility should not be on the ground floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric

Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority

What is a contingency?
An event with a potential to disrupt computer operations, critical missions and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms

What is a Disaster?
A contingency event which is very destructive
Disasters result from threats

Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase

Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker

Nasdaq Story 11 Sept, 01
1 Liberty Plaza Head Quarter of Nasdaq is across the street from WTC
CIO Gregor Bailar provides an inside look at how Nasdaq got back up and running after the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit. Our security guards on their own accord evacuated our floor at least, so most of our people were on the ground when the second plane hit

Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."

Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was our personnel situation
Then we broadened the investigation to learn who was affected among our traders
Then we had to understand the situation from a physical perspective

Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical damage that's going to take a long time to restore?

Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory situation:
Are people trading today?
What's the landscape of the trading industry?
It was literally in that order

Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is connected to two different Nasdaq points of presence or connection centers

Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but Nasdaq's systems were all up?
There are four connection centers alone in downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those centers through two different paths, and often through two different vendors

Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at 7 or 8 in the morning, and by 11:30 that morning, we had achieved 98 percent of the volume. And then on Sunday we did a half-day of retesting with people who wanted to add a little more volume capability.

Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime and what did it cost to get back up?
We have interruption insurance, so we hope to recover most of it, but it's in the millions, and it could crest tens of millions

Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
This was a true test of people's backup strategies
Did you ever test your backup strategy?
Have you worked out of your backup center?

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers as part of their continuity of business plan

Nasdaq Story 11 Sept, 01
After living through this, what would you advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past

Yellow line shows normal traffic

How did AT&T Control
141 video display screens show the status of all the networks
Network managers put controls on the network to slow down the flow of inbound calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network carried a record 431 million call attempts on Sept. 11, 101 million more than the previous high-traffic day

Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption

Disaster Recovery Plan
The DRP applies to major, usually catastrophic, events that deny access to the normal facility for an extended period

Type of Plans
Business Recovery Plan
Addresses restoration of business processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at an alternate site

Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans

Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incident

Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption

Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel

Category of Disaster
Serious disruption
Repairable damage to equipment, office area, data, records, software
Equipment breakdown
Failure of AC
Human error

Category of Disaster
Major disruption
Destruction of equipment, office area, data
Complete loss of equipment
Structural mishap
Malicious loss of data

Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities

What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and functional activities
restore full business operations
minimum delay and disruption

Coping with Emergencies
Idea of DRP is to think before actual happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their likelihood
What can be done to prepare for these events

DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations

DRP Overview
A total plan for all departments integrated together
Must be written, tested and documented
Clear assignment of responsibilities to employees
It should address
main frame computer
mini computer
micro computer

DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation

Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity

DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan

Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage

Planning Responsibilities
Prime responsibility for developing, maintaining, executing contingency plan is with senior management
Recommended approach to planning is by teams

BCP Techniques
DRP Plan
Top down approach

BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user

BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance

BCP Techniques
Ongoing maintenance
Combination of top down and bottom up approach

BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization
to
be
based
on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with responsibility
Phone list for fire, police, hardware, software, major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical functions
Anticipating potential contingencies or disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet access
AM/FM radios, cable television
Food, water, and other personal supplies to last several days
Message boards, overhead projectors and other presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies, including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and other authorized personnel
Locking doors if personnel cannot monitor the facility during an emergency
Installing signs designating secured or restricted area
Placing a sign-in sheet at the command center and logging time in/out
Creating a list of authorized personnel and monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
Low cost
Configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what environmental controls are provided to preserve the media?
What types of tape readers are used at the alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main facility
Subject to physical and environmental control
Backup Procedures
What can go wrong
May contain only magnetic or electronic records, not paper records
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully within 1 hour
Restore critical system off-site within 48 hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the business
New applications documented
Change in critical applications
Change in hardware or software environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security, confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by improving reliability of corporate disclosures and internal control
GASSP
Principles supporting the Generally Accepted Accounting Principles and similar models
Information Technology Infrastructure Library
A collection of best practices in IT service management
Basel Committee On e-Banking
Principles for effective capacity, business continuity and contingency planning of e-banking systems and services
Basel II Capital Accord
Encourage financial firms to be more proactive and forward looking in financial activities
SAS 70
Internationally recognized auditing standard for service organizations
COBIT
A framework resulting in control objectives considered to be good or best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives to share or replicate data among the drives
A system that combines multiple hard drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written simultaneously to two hard disks instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written simultaneously to two hard disks with separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is redundancy information calculated from the actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are distributed between the drives on a four-disk, 16 kiB stripe size RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
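The striping, parity and array-capacity points on the RAID slides above, as an added example that is not part of the original deck: a small in-memory Python model of RAID-5 style block striping with rotating parity, reading with one drive lost, rebuilding that drive, a parity scrub, and the capacity formulas from the RAID LEVELS slides (RAID-6 appears in the capacity formula only). The function names, the parity rotation order, the use of XOR as the parity calculation and the sample bytes are assumptions made for illustration.

```python
"""RAID striping with XOR parity, kept in memory for illustration only."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation (assumed XOR): byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity block moves to a different disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Split data into stripes of (n_disks - 1) data blocks plus one parity block.

    Returns one list of blocks per disk; index s on every disk is stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)  # zero-fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        pending = iter(data_blocks)
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                disks[disk].append(xor_blocks(data_blocks))
            else:
                disks[disk].append(next(pending))
    return disks


def read_raid5(disks, length, failed=None):
    """Reassemble the data; blocks of one failed disk are recomputed from the rest."""
    n_disks = len(disks)
    stripes = len(next(d for i, d in enumerate(disks) if i != failed))
    out = bytearray()
    for stripe in range(stripes):
        for disk in range(n_disks):
            if disk == parity_disk_for(stripe, n_disks):
                continue  # parity blocks carry no user data
            if disk == failed:
                others = [disks[i][stripe] for i in range(n_disks) if i != failed]
                out += xor_blocks(others)
            else:
                out += disks[disk][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Rebuild onto a replacement drive: XOR of all surviving blocks per stripe."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def scrub(disks):
    """Return stripes whose blocks do not XOR to zero (parity mismatch).

    Parity shows that a stripe is inconsistent, not which block is wrong.
    """
    return [s for s, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas on the RAID LEVELS slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    # level: (minimum disks, drives' worth of usable space)
    rules = {0: (2, n), 1: (2, 1), 3: (3, n - 1), 4: (3, n - 1),
             5: (3, n - 1), 6: (4, n - 2)}
    minimum, data_drives = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    return smallest * data_drives


if __name__ == "__main__":
    records = b"constructed sample: ledger batch 0001 " * 5
    array = write_raid5(records, n_disks=4, block_size=16)
    array[1] = None                      # simulate losing one drive
    assert read_raid5(array, len(records), failed=1) == records
    array[1] = rebuild_disk(array, failed=1)
    print("parity mismatches after rebuild:", scrub(array))
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

A second drive failing before the rebuild finishes leaves two unknown blocks per stripe and only one parity equation, which is why the slides give RAID-6 a second parity block and a capacity of (no. of drives-2).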
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store and retrieve backup electronically in a site remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file services to host computers
Dedicated storage solution that is attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow independently
Data transfer directly from device to device
Server Load Balancing
It consists of distributing user activity across a network so that no single server is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is unavailable
Valuation of the competitor
Value of information rather than replacement of hardware
What is a Risk?
The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my asset?
What is the loss to business if asset is not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
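One way to put the allowable outage times in the table above to work, as an added example that is not part of the original deck: the rows are grouped by outage impact, so a business function counts as recovered only when its slowest supporting resource is back, and a resource that was never exercised leaves the function unproven. The function names, the status labels and the measured restore times are assumptions; the restore times are constructed sample data.

```python
"""Check a recovery test against the allowable outage times from the BIA table."""
import re
from collections import defaultdict

# Rows copied from the "Outage Impact & Allowable Outage Times" slide.
BIA_TABLE = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]


def to_hours(text):
    """Convert an allowable outage time such as '8 hours' or '2 days' to hours."""
    match = re.fullmatch(r"(\d+)\s*(hour|day)s?", text.strip().lower())
    if not match:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return int(match.group(1)) * (24 if match.group(2) == "day" else 1)


def recovery_order(table):
    """Resources sorted by allowable outage time, shortest first.

    sorted() is stable, so resources with equal times keep the table's order.
    """
    return [row[0] for row in sorted(table, key=lambda row: to_hours(row[2]))]


def evaluate_test(table, restore_hours):
    """Judge each outage impact by its slowest supporting resource.

    restore_hours maps resource -> hours until it was usable again in the test;
    a resource missing from the map was not exercised.
    """
    by_impact = defaultdict(list)
    for resource, impact, allowed in table:
        by_impact[impact].append((resource, to_hours(allowed)))

    report = {}
    for impact, deps in by_impact.items():
        allowed = min(hours for _, hours in deps)   # tightest limit in the group
        untested = [r for r, _ in deps if r not in restore_hours]
        late = [r for r, _ in deps if restore_hours.get(r, 0) > allowed]
        if untested:
            status, downtime = "UNPROVEN", None
        else:
            downtime = max(restore_hours[r] for r, _ in deps)
            status = "MISSED" if late else "MET"
        report[impact] = {"allowed_h": allowed, "downtime_h": downtime,
                          "status": status, "late": late, "untested": untested}
    return report


if __name__ == "__main__":
    # Constructed test result: hours to restore each resource; Printer not tested.
    measured = {"Authentication Server": 3, "Database Server": 6,
                "5 Desktop Computers": 2, "Hub": 1, "Network Cabling": 1,
                "Electric Power": 10, "E-mail Server": 20}
    print("recovery order:", recovery_order(BIA_TABLE))
    for impact, result in evaluate_test(BIA_TABLE, measured).items():
        print(f"{impact}: {result}")
```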
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain or misery
Potential to cause an unwanted incident, which may result in harm to a system or organization and its assets
Intentional or accidental, man-made or an act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions that may allow a threat to affect an asset
A vulnerability if not managed, will allow a threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control outweigh the value of the asset
May have to select Best Value range of controls
Control - Ease of Implementation
Does environment support control
How long will the control take to implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational centers
in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
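Added example (not from the slides): a small Python model of the parity and RAID-5 slides above, showing block striping with distributed XOR parity, the rebuild of one failed drive from the survivors, and the array-capacity formulas the level slides give. It goes beyond the slides by covering the two-drive failure case; the function names, the constructed sample record and the parity rotation order are assumptions of this example.

```python
from functools import reduce

# Constructed sample record, not data from the slides.
SAMPLE = b"LEDGER-2024|ACCT=000123|DEBIT=4500.00|CREDIT=0.00|BAL=98231.17"


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Distributed parity: the parity block moves to another drive each stripe.
    The rotation order used here is an assumption of this example."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Return one list of blocks per drive, striped with rotating parity."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_drives - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), stripe_bytes)):
        chunk = padded[offset:offset + stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_drive_for(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def raid5_rebuild(drives):
    """Rebuild a failed drive (marked None) from the surviving drives.
    Each missing block is the XOR of the other blocks in its stripe."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover more than one failed drive")
    if not failed:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def array_capacity(level, drive_sizes):
    """Usable capacity: size of smallest drive * (no. of drives - redundancy).
    RAID-0 is treated as smallest * n, which matches 100% for identical drives."""
    min_disks = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    redundancy = {0: 0, 1: 1, 3: 1, 4: 1, 5: 1, 6: 2}
    if level not in min_disks:
        raise ValueError("level not modelled in this example")
    n = len(drive_sizes)
    if n < min_disks[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for this RAID level")
    return min(drive_sizes) * (n - redundancy[level])


if __name__ == "__main__":
    drives = raid5_write(SAMPLE, n_drives=4, block_size=4)
    degraded = [None if i == 2 else d for i, d in enumerate(drives)]
    restored = raid5_rebuild(degraded)
    print("data intact after rebuild:", raid5_read(restored, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity(5, [500] * 4), "GB")
```
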
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk D (A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
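The parity and array-capacity rules from the RAID slides above, worked through as an added Python example that is not part of the original slides: data is block-striped with distributed parity (RAID-5 style), one disk is lost, and its contents are recomputed from the survivors. The 4-byte block size, the direction in which parity rotates, the function names and the sample payload are assumptions chosen for the illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; constructed toy size (the slides use a 16 kiB stripe)


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 rule, parity_drives=2 the RAID-6 rule.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk holding parity for a stripe; the rotation order is an assumption."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * BLOCK
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad to whole stripes
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity_disk = parity_disk_for(stripe, n_disks)
        remaining = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_disk:
                disks[disk].append(xor_blocks(blocks))  # redundancy information
            else:
                disks[disk].append(next(remaining))     # actual data values
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    Works for data and parity blocks alike, because the XOR of all blocks
    in a stripe (data plus parity) is zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks([d[s] for d in survivors])
            for s in range(len(survivors[0]))]


def read_raid5(disks, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe, len(disks))
        for disk in range(len(disks)):
            if disk != parity_disk:
                out += disks[disk][stripe]
    return bytes(out[:length])


def demo():
    """Lose disk 2 of a four-disk array, rebuild it, and read the data back."""
    payload = b"constructed ledger records for the RAID-5 demo"  # constructed sample
    disks = write_raid5(payload, 4)
    original = disks[2]
    disks[2] = None                       # simulate a single drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == original, read_raid5(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuilt disk matches, data intact:", demo())
    print("4 x 500 GB, single parity:", usable_capacity([500] * 4), "GB usable")
```

A second simultaneous failure leaves two unknown blocks per stripe and a single XOR equation, which is why the slides list RAID-6 with dual parity and capacity reduced by two drives.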
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has concentrated
people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                              Recovery Priority
Authentication Server                 High
Database Server                       High
5 Desktop Computers                   High
1 Hub                                 High
E-mail Server                         Medium
Printer                               Medium
Remaining Desktop Computers (45)      Low
Remaining Hub (5)                     Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
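The parity and striping slides above, worked through as an added example that is not part of the original deck: data is striped in blocks across the drives, one XOR parity block per stripe is rotated between drives as in RAID-5, and a single failed drive is rebuilt from the survivors. The 4-byte block size, the rotation order, the function names and the sample data are assumptions made for illustration.

```python
"""Single-parity block striping (RAID-5 style) in miniature: write, lose a drive, rebuild."""

BLOCK = 4  # bytes per block; constructed tiny value so stripes are easy to inspect


def xor_blocks(blocks):
    """Parity is the byte-wise XOR of equal-length blocks."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)


def usable_capacity(drive_sizes):
    """Slide formula for RAID-3/4/5: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_drive(stripe, n_drives):
    """Distributed parity: the parity block sits on a different drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives):
    """Return one list of blocks per drive, holding data blocks plus rotating parity."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 drives")
    per_stripe = (n_drives - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[off:off + per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def raid5_rebuild(drives):
    """Rebuild a failed drive (marked None). XOR of all blocks in a stripe is zero,
    so the missing block equals the XOR of the surviving ones."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if not failed:
        return list(drives)
    if len(failed) > 1:
        raise ValueError("single parity cannot recover %d failed drives" % len(failed))
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]
    out = list(drives)
    out[failed[0]] = rebuilt
    return out


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"constructed sample: inventory records"  # constructed input
    array = raid5_write(sample, 4)
    for i, drive in enumerate(array):
        print("drive", i, [blk.hex() for blk in drive])
    degraded = list(array)
    degraded[1] = None                      # simulate one drive failure
    restored = raid5_rebuild(degraded)
    print("recovered:", raid5_read(restored, len(sample)))
    degraded[2] = None                      # a second failure exceeds the fault tolerance
    try:
        raid5_rebuild(degraded)
    except ValueError as exc:
        print("unrecoverable:", exc)
```

The second failure is the case backups exist for: parity covers one lost drive, not deleted or corrupted data.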
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of
high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource                 Outage Impact                                Allowable Outage Time
Authentication Server    User could not access Inventory System       8 hours
Database Server          User could not access Inventory System       8 hours
E-mail Server            User could not send e-mail                   2 days
5 Desktop Computers      User could not access Inventory System       8 hours
Hub                      User could not access Inventory System       8 hours
Network Cabling          User could not access Inventory System       8 hours
Electric Power           User could not access Inventory System       8 hours
Printer                  User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
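One way to put the Outage Impact & Allowable Outage Times table to work, as an added Python example that is not part of the original deck: it orders resources by allowable outage, derives the tolerance of each affected business function, and flags resources whose restore estimate exceeds what the table allows. The restore estimates are constructed for illustration, and taking a function's tolerance as the minimum over its supporting resources is an assumption of this sketch.

```python
import re

# Rows from the slide's table: (resource, outage impact, allowable outage time).
BIA_ROWS = [
    ("Authentication Server", "User could not access Inventory System", "8 hours"),
    ("Database Server", "User could not access Inventory System", "8 hours"),
    ("E-mail Server", "User could not send e-mail", "2 days"),
    ("5 Desktop Computers", "User could not access Inventory System", "8 hours"),
    ("Hub", "User could not access Inventory System", "8 hours"),
    ("Network Cabling", "User could not access Inventory System", "8 hours"),
    ("Electric Power", "User could not access Inventory System", "8 hours"),
    ("Printer", "User could not produce Inventory Reports", "4 days"),
]

# Constructed restore-time estimates in hours (assumptions, not from the slides).
# "Printer" is left out on purpose to show a missing recovery strategy.
RESTORE_ESTIMATE_HOURS = {
    "Authentication Server": 4,
    "Database Server": 12,
    "E-mail Server": 24,
    "5 Desktop Computers": 6,
    "Hub": 2,
    "Network Cabling": 16,
    "Electric Power": 1,
}


def to_hours(text):
    """Convert '8 hours' or '2 days' to a number of hours."""
    match = re.fullmatch(r"(\d+)\s*(hour|day)s?", text.strip().lower())
    if not match:
        raise ValueError(f"unrecognised outage time: {text!r}")
    amount, unit = int(match.group(1)), match.group(2)
    return amount * (24 if unit == "day" else 1)


def recovery_order(rows):
    """Resources sorted by tightest allowable outage first (ties keep table order)."""
    return [resource for resource, _, allowed
            in sorted(rows, key=lambda row: to_hours(row[2]))]


def function_tolerance(rows):
    """Per outage impact, the shortest allowable outage among its resources."""
    tolerance = {}
    for _, impact, allowed in rows:
        hours = to_hours(allowed)
        tolerance[impact] = min(hours, tolerance.get(impact, hours))
    return tolerance


def recovery_gaps(rows, estimates):
    """Resources that cannot be restored within their allowable outage time."""
    gaps = []
    for resource, _, allowed in rows:
        limit = to_hours(allowed)
        estimate = estimates.get(resource)
        if estimate is None:
            gaps.append((resource, "no restore estimate"))
        elif estimate > limit:
            gaps.append((resource, f"estimate {estimate}h exceeds allowable {limit}h"))
    return gaps


if __name__ == "__main__":
    print("Recovery order:", recovery_order(BIA_ROWS))
    for resource, reason in recovery_gaps(BIA_ROWS, RESTORE_ESTIMATE_HOURS):
        print(f"GAP  {resource}: {reason}")
```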
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
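The parity technique and the array-capacity formulas from the RAID slides above, worked through as an added Python example that is not part of the original presentation. Data is striped over four disks with rotating XOR parity, a single failed disk is rebuilt from the survivors, and a double failure is rejected; the parity rotation order, block size and sample payload are assumptions constructed for the demonstration.

```python
"""Added example: XOR parity striping (RAID-5 style) and usable capacity."""
from functools import reduce

# level -> (minimum disks, drives' worth of space given up to redundancy),
# following the RAID level slides. RAID-1 (exactly 2 disks) is handled apart.
LEVEL_RULES = {"0": (2, 0), "3": (3, 1), "4": (3, 1), "5": (3, 1), "6": (4, 2)}


def usable_capacity(level, drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - redundancy)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "1":
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 disks")
        return smallest  # 50% storage efficiency when the drives are identical
    min_disks, redundancy = LEVEL_RULES[level]
    if n < min_disks:
        raise ValueError(f"RAID-{level} needs at least {min_disks} disks")
    # Assumption for unequal drives: every member is limited to the smallest.
    return smallest * (n - redundancy)


def xor_blocks(blocks):
    """Parity: byte-wise XOR of equal-length blocks."""
    if not blocks or any(len(b) != len(blocks[0]) for b in blocks):
        raise ValueError("need one or more blocks of equal length")
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across disks (one possible rotation order)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data in blocks over n_disks, adding one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[start + i * block_size: start + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        data_blocks = iter(chunks)
        parity_at = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            block = xor_blocks(chunks) if disk == parity_at else next(data_blocks)
            disks[disk].append(block)
    return disks


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks, out = len(disks), bytearray()
    for stripe in range(len(disks[0])):
        parity_at = parity_disk_for(stripe, n_disks)
        for disk in range(n_disks):
            if disk != parity_at:
                out += disks[disk][stripe]
    return bytes(out[:length])


def rebuild_disk(disks):
    """Rebuild the one failed disk (marked None) by XOR-ing the survivors."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) != 1:
        raise ValueError(
            f"single parity rebuilds exactly one failed disk, not {len(missing)}")
    survivors = [d for d in disks if d is not None]
    return missing[0], [xor_blocks(list(stripe)) for stripe in zip(*survivors)]


if __name__ == "__main__":
    payload = b"constructed sample payload for the parity demo"
    array = write_raid5(payload, n_disks=4, block_size=4)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    index, rebuilt = rebuild_disk(degraded)
    print("disk", index, "rebuilt correctly:", rebuilt == array[index])
    degraded[index] = rebuilt
    print("data intact:", read_raid5(degraded, len(payload)) == payload)
    for level in ("0", "5", "6"):
        print(f"RAID-{level}, 4 x 500 GB:", usable_capacity(level, [500] * 4), "GB")
```

Losing a second disk before the rebuild finishes leaves nothing to XOR against, which is why the recovery plan still needs backups alongside a parity array.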
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organizations employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are duplicated
on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
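The parity technique and the RAID-5 layout described above, modelled in Python as an added example that is not part of the original slides: block-level striping with distributed parity, rebuilding one failed disk, and the slide's capacity formula. XOR is the usual RAID-5 parity function (the slides do not name it); the 4-byte stripe unit, the parity rotation order, the function names and the sample payload are assumptions made for illustration.

```python
"""RAID-5 model: block-level striping with distributed XOR parity (added example)."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; assumption, kept tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity as on the slide: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk_for(stripe, n_disks):
    """Disk holding the parity block of a stripe; rotating it distributes the parity."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks):
    """Stripe data across n_disks; each stripe gets n_disks - 1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = STRIPE_UNIT * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT] for i in range(0, per_stripe, STRIPE_UNIT)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def read_array(disks, length):
    """Reassemble the original bytes, skipping the parity block of every stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute each block of the failed disk as the XOR of the surviving blocks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("RAID-5 tolerates one failed disk; a second one is missing")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def demo():
    """Write, lose one disk, rebuild it, and confirm the data reads back intact."""
    data = b"ledger: constructed sample payload for the array"  # constructed input
    disks = write_array(data, 4)
    disks[2] = None                    # simulate a single drive failure
    disks[2] = rebuild_disk(disks, 2)  # rebuild onto the replacement drive
    return read_array(disks, len(data)) == data


if __name__ == "__main__":
    print("data intact after rebuild:", demo())
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A second missing disk makes `rebuild_disk` raise, which is the "fault tolerance good" limit of RAID-5: parity protects against one drive failure and is no substitute for the backups covered earlier in the deck.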
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource              | Outage Impact                                | Allowable Outage Time
Authentication Server | User could not access Inventory System       | 8 hours
Database Server       | User could not access Inventory System       | 8 hours
E-mail Server         | User could not send e-mail                   | 2 days
5 Desktop Computers   | User could not access Inventory System       | 8 hours
Hub                   | User could not access Inventory System       | 8 hours
Network Cabling       | User could not access Inventory System       | 8 hours
Electric Power        | User could not access Inventory System       | 8 hours
Printer               | User could not produce Inventory Reports     | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                         | Recovery Priority
Authentication Server            | High
Database Server                  | High
5 Desktop Computers              | High
1 Hub                            | High
E-mail Server                    | Medium
Printer                          | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5)                | Low
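The recovery priorities above can be checked against the allowable outage times from the Outage Impact table: restore in priority order and flag any resource that comes back later than its allowable outage. This Python sketch is an added example, not part of the original slides; the restore durations and crew counts are constructed assumptions, and dependencies between resources are not modelled.

```python
import heapq
from dataclasses import dataclass
from typing import List, Optional

# Order implied by the "Develop Recovery Priorities" table.
PRIORITY_RANK = {"High": 0, "Medium": 1, "Low": 2}


@dataclass(frozen=True)
class Resource:
    name: str
    priority: str                         # from the recovery priorities table
    allowable_outage_h: Optional[float]   # from the outage table; None = not stated
    restore_h: float                      # CONSTRUCTED estimate, not from the slides


@dataclass(frozen=True)
class PlanStep:
    name: str
    start_h: float
    finish_h: float
    allowable_outage_h: Optional[float]
    breach: bool


# Priorities and outage times are taken from the two tables on this page
# (2 days = 48 h, 4 days = 96 h). The "Remaining" rows have no allowable
# outage time on the page, so none is assumed for them.
RESOURCES = [
    Resource("Authentication Server", "High", 8, 2.0),
    Resource("Database Server", "High", 8, 3.0),
    Resource("5 Desktop Computers", "High", 8, 2.5),
    Resource("1 Hub", "High", 8, 1.0),
    Resource("E-mail Server", "Medium", 48, 4.0),
    Resource("Printer", "Medium", 96, 1.0),
    Resource("Remaining Desktop Computers (45)", "Low", None, 9.0),
    Resource("Remaining Hub (5)", "Low", None, 2.0),
]


def plan_recovery(resources: List[Resource], crews: int = 1) -> List[PlanStep]:
    """Schedule restores by priority, then tightest outage limit, then duration.

    Each of the `crews` recovery teams works on one resource at a time; the
    next resource in the queue goes to whichever team is free first.
    """
    if crews < 1:
        raise ValueError("at least one recovery crew is required")
    unknown = {r.priority for r in resources} - PRIORITY_RANK.keys()
    if unknown:
        raise ValueError(f"unknown priority label(s): {sorted(unknown)}")

    def sort_key(r: Resource):
        limit = r.allowable_outage_h
        return (PRIORITY_RANK[r.priority],
                limit if limit is not None else float("inf"),
                r.restore_h)

    free_at = [0.0] * crews          # hour at which each crew becomes free
    heapq.heapify(free_at)
    plan = []
    for r in sorted(resources, key=sort_key):
        start = heapq.heappop(free_at)
        finish = start + r.restore_h
        heapq.heappush(free_at, finish)
        breach = r.allowable_outage_h is not None and finish > r.allowable_outage_h
        plan.append(PlanStep(r.name, start, finish, r.allowable_outage_h, breach))
    return plan


def breaches(plan: List[PlanStep]) -> List[str]:
    """Names of resources restored later than their allowable outage time."""
    return [step.name for step in plan if step.breach]


if __name__ == "__main__":
    for crews in (1, 2):
        plan = plan_recovery(RESOURCES, crews=crews)
        print(f"--- {crews} recovery crew(s) ---")
        for s in plan:
            limit = "n/a" if s.allowable_outage_h is None else f"{s.allowable_outage_h:g} h"
            flag = "BREACH" if s.breach else "ok"
            print(f"{s.name:34} {s.start_h:5.1f} -> {s.finish_h:5.1f} h  limit {limit:>5}  {flag}")
        print("breaches:", breaches(plan) or "none")
```

With the constructed durations, a single crew restores the database server after its 8-hour limit, while two crews meet every stated limit.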
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site          | Cost        | Hardware Equipment | Tele Communication | Setup Time | Location
Cold Site     | Low         | None               | None               | Long       | Fixed
Warm Site     | Medium      | Partial            | Partial/Full       | Medium     | Fixed
Hot Site      | Medium/High | Full               | Full               | Short      | Fixed
Mobile Site   | High        | Dependent          | Dependent          | Dependent  | Not Fixed
Mirrored Site | High        | Full               | Full               | None       | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high
fault tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
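The PARITY and RAID-5 slides above describe redundancy information calculated from the data values and block-level striping with distributed parity. The sketch below is an added example, not part of the original slides: it stripes a constructed record across four simulated drives, rebuilds it after any single drive is lost, and applies the slide's array-capacity formula. XOR as the parity function, the 4-byte stripe unit, the parity rotation order and all function names are assumptions made for illustration.

```python
from functools import reduce

STRIPE_UNIT = 4  # bytes per block (constructed; small so the layout is easy to inspect)
RECORD = b"INVENTORY-DB transaction log 0001"  # constructed sample data


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR (assumed parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Distributed parity: the parity block sits on a different drive each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def usable_capacity(drive_sizes):
    """Array capacity from the slide: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def raid5_write(data, n_drives, unit=STRIPE_UNIT):
    """Return n_drives lists of blocks holding data plus one parity block per stripe."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * unit
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad to whole stripes
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        data_blocks = iter(blocks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return drives


def raid5_read(drives, length, failed=frozenset()):
    """Read the data back; blocks on a failed drive are rebuilt from the survivors."""
    if len(failed) > 1:
        raise ValueError("RAID-5 cannot rebuild after more than one drive failure")
    n = len(drives)
    stripes = len(next(d for i, d in enumerate(drives) if i not in failed))
    out = bytearray()
    for stripe in range(stripes):
        p = parity_drive(stripe, n)
        for d in range(n):
            if d == p:
                continue  # parity blocks carry no user data
            if d in failed:
                # Missing block = XOR of every surviving block in the same stripe.
                survivors = [drives[x][stripe] for x in range(n) if x != d]
                out += xor_blocks(survivors)
            else:
                out += drives[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    array = raid5_write(RECORD, 4)
    for lost in range(4):
        degraded = [None if i == lost else d for i, d in enumerate(array)]
        ok = raid5_read(degraded, len(RECORD), failed={lost}) == RECORD
        print(f"drive {lost} lost, data recovered: {ok}")
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A second simultaneous failure raises an error here, which is the gap the RAID-6 slide's dual distributed parity is meant to close.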
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 149
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
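An added example, not part of the original slides, of the parity technique and the RAID-5 capacity formula above: data is striped block by block with a rotating XOR parity block, one failed disk is rebuilt from the survivors, and a second failure is rejected. The block size, sample data and function names are assumptions made for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed XOR parity."""
from functools import reduce

BLOCK = 4  # bytes per block; assumed tiny value so the layout stays readable


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 the RAID-6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block moves to another disk every row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; each row holds n-1 data blocks and 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = (n_disks - 1) * BLOCK
    data = data + b"\x00" * (-len(data) % per_row)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(data), per_row)):
        chunks = [data[off + i:off + i + BLOCK] for i in range(0, per_row, BLOCK)]
        parity = xor_blocks(chunks)
        next_chunk = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(next_chunk))
    return disks


def rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all blocks in a row is zero, so the missing block (data or parity)
    equals the XOR of the remaining blocks in that row.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original byte stream, skipping the parity blocks."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Write constructed sample data, lose disk 2, rebuild it, read back."""
    data = b"constructed sample: inventory ledger rows 0001-0042"
    disks = write_raid5(data, 4)
    lost = disks[2]
    disks[2] = None                      # simulated drive failure
    disks[2] = rebuild(disks, 2)
    return disks[2] == lost and read_raid5(disks, len(data)) == data


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID-5, 4 x 500 GB usable:", usable_capacity([500] * 4), "GB")
    print("RAID-6, 4 x 500 GB usable:", usable_capacity([500] * 4, 2), "GB")
```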
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
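Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Risk Ranking values shown: High, Moderate, Very High, Low, Very Low
Cell values as extracted (row assignment not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1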
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
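The parity slide and the RAID-5 and RAID-6 slides above reduce to XOR arithmetic plus the array-capacity formula. The sketch below is an added example, not part of the original slides: it stripes a constructed payload over simulated disks with distributed parity, rebuilds one failed disk from the survivors, and refuses a double failure. The 4-byte block size, the parity rotation order and all function names are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 4  # assumption: tiny 4-byte blocks so the result is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity moves one disk to the left on each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks):
    """Block-level striping with distributed parity over n_disks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = BLOCK * (n_disks - 1)
    data += b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(blocks)
        p = parity_disk_for(stripe, n_disks)
        data_blocks = iter(blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def rebuild(disks):
    """Recompute the single failed disk (marked None) from the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity rebuilds exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks[:failed[0]] + [rebuilt] + disks[failed[0] + 1:]


def raid5_read(disks, length):
    """Reassemble the data, skipping the parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"ledger: constructed sample accounting records"
    array = raid5_write(payload, 4)
    degraded = array[:2] + [None] + array[3:]  # disk 2 fails
    repaired = rebuild(degraded)
    print(raid5_read(repaired, len(payload)))
    # Constructed drive sizes in GB: the smallest drive limits the array.
    print(usable_capacity([500, 500, 500, 250]))                   # RAID-5
    print(usable_capacity([500, 500, 500, 250], parity_drives=2))  # RAID-6
```

Because every stripe XORs to zero across all disks, any one missing block is the XOR of the others; with two disks gone that equation has two unknowns, which is why RAID-6 carries a second parity block.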
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured
activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed
between the drives on a four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue is 20 kiB; the green is
100 kiB; and the magenta is 500 kiB.
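Added example (not part of the original slides): a Python sketch of the parity technique from the PARITY and RAID-5 slides, showing block-level striping with distributed parity, the rebuild of one failed disk by XOR, and the array capacity formulas from the RAID LEVELS slides. The function names, the parity rotation order and the sample payload are assumptions made for illustration.

```python
from functools import reduce

# Constructed sample payload (not from the slides): 40 short ledger records.
SAMPLE = b"".join(b"txn-%04d;" % i for i in range(40))


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data in blocks over n_disks, one parity block per stripe.

    Returns a list of disks; each disk is a list of blocks, one per stripe.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = (n_disks - 1) * block_size
    # Pad the tail so the last stripe is full.
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    Works for data and parity blocks alike: within a stripe, any one
    block equals the XOR of all the others.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block per stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity from the slide formulas (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # striping: 100% when drives identical
    if level == 1 and n == 2:
        return smallest                # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual distributed parity
    raise ValueError("unsupported level or too few disks for that level")


if __name__ == "__main__":
    disks = raid5_write(SAMPLE, n_disks=4, block_size=16)
    for failed in range(4):
        assert raid5_rebuild(disks, failed) == disks[failed]
    print("any single failed disk rebuilt; data intact:",
          raid5_read(disks, len(SAMPLE)) == SAMPLE)
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
```

The rebuild covers exactly one failed disk per array; a second simultaneous failure leaves too little information, which is the gap the RAID-6 dual parity closes.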
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele. Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                 Allowable Outage Time
Authentication Server   User could not access Inventory System       8 hours
Database Server         User could not access Inventory System       8 hours
E-mail Server           User could not send e-mail                    2 days
5 Desktop Computers     User could not access Inventory System       8 hours
Hub                     User could not access Inventory System       8 hours
Network Cabling         User could not access Inventory System       8 hours
Electric Power          User could not access Inventory System       8 hours
Printer                 User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site: Cost; Hardware Equipment; Telecommunication; Setup Time; Location
Cold Site: Low; None; None; Long; Fixed
Warm Site: Medium; Partial; Partial/Full; Medium; Fixed
Hot Site: Medium/High; Full; Full; Short; Fixed
Mobile Site: High; Dependent; Dependent; Dependent; Not Fixed
Mirrored Site: High; Full; Full; None; Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Columns: Page No.; Change Comment; Date of Change; Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
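An added example (not from the original slides): a small Python model of RAID-5 block striping with distributed parity, showing how a failed disk is rebuilt from the survivors and how the "size of smallest drive * (no. of drives - 1)" capacity rule works out. The function names, the parity rotation order, the block size and the sample data are assumptions made for illustration; parity is computed as a bytewise XOR.

```python
"""Illustrative model of RAID-5: block-level striping with distributed XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity rule from the slides: smallest drive * (drives - parity drives).
    parity_drives=1 models RAID-3/4/5, parity_drives=2 models RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks. Each stripe holds n_disks-1 data blocks plus one
    parity block; returns a list of disks, each a list of blocks."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(blocks) if d == p else next(data_blocks))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk as the XOR of the blocks that the
    surviving disks hold in the same stripe (works for data and parity alike)."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    if any(disk is None for disk in survivors):
        raise ValueError("single parity cannot survive a second failed disk")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


# Constructed sample data, not taken from the slides.
SAMPLE = b"constructed sample: ledger entries for a DR test " * 3


def demo():
    """Lose disk 2 of a four-disk array, rebuild it, and check nothing was lost."""
    disks = write_raid5(SAMPLE, n_disks=4, block_size=16)
    lost = disks[2]
    disks[2] = None                      # simulate the drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_raid5(disks, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("rebuild succeeded:", demo())
    print("4 x 500 GB, single parity:", usable_capacity([500] * 4), "GB usable")
```

With two disks marked failed, `rebuild_disk` raises instead of returning wrong data, which is the single-parity limit that the dual parity of RAID-6 addresses.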
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 153
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D): A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
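One way to turn the allowable outage times from the Outage Impact slide into recovery priorities and a restore sequence, as an added example that is not part of the original deck. The dependency map and the band limits (8 hours for High, 4 days for Medium) are assumptions made for illustration.

```python
import heapq
import re

# Allowable outage times as listed on the Outage Impact slide.
BIA = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# ASSUMPTION: constructed dependency map (resource -> what it needs to run).
DEPENDS_ON = {
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Electric Power", "Hub"],
    "Database Server": ["Electric Power", "Hub", "Authentication Server"],
    "E-mail Server": ["Electric Power", "Hub"],
    "5 Desktop Computers": ["Electric Power", "Hub", "Authentication Server",
                            "Database Server"],
    "Printer": ["Electric Power", "Hub"],
}

# ASSUMPTION: band limits in hours; anything longer is Low.
BANDS = [(8, "High"), (96, "Medium")]


def to_hours(text):
    """Convert '8 hours' or '2 days' to a number of hours."""
    match = re.fullmatch(r"(\d+)\s*(hour|day)s?", text.strip().lower())
    if not match:
        raise ValueError(f"unrecognised outage time: {text!r}")
    amount, unit = int(match.group(1)), match.group(2)
    return amount * 24 if unit == "day" else amount


def priority(hours):
    """Map an allowable outage time to a recovery priority band."""
    for limit, label in BANDS:
        if hours <= limit:
            return label
    return "Low"


def recovery_priorities(bia):
    return {res: priority(to_hours(t)) for res, t in bia.items()}


def dependency_gaps(bia, depends_on):
    """Find dependencies that may stay down longer than the resource needing them."""
    hours = {res: to_hours(t) for res, t in bia.items()}
    gaps = []
    for res, deps in depends_on.items():
        for dep in deps:
            if dep not in hours:
                gaps.append((res, dep, "dependency missing from BIA"))
            elif hours[dep] > hours[res]:
                gaps.append((res, dep,
                             f"{dep} allows {hours[dep]}h, {res} only {hours[res]}h"))
    return gaps


def restore_order(bia, depends_on):
    """Dependencies first; among ready resources, shortest allowable outage first."""
    hours = {res: to_hours(t) for res, t in bia.items()}
    pending = {res: set(depends_on.get(res, ())) & hours.keys() for res in hours}
    ready = [(hours[res], res) for res, deps in pending.items() if not deps]
    heapq.heapify(ready)
    order = []
    while ready:
        _, done = heapq.heappop(ready)
        order.append(done)
        for res, deps in pending.items():
            if done in deps:
                deps.remove(done)
                if not deps:
                    heapq.heappush(ready, (hours[res], res))
    if len(order) != len(hours):
        raise ValueError("dependency cycle: some resources can never be restored")
    return order


if __name__ == "__main__":
    for res, band in recovery_priorities(BIA).items():
        print(f"{res:24} {band}")
    print("Gaps:", dependency_gaps(BIA, DEPENDS_ON))
    print("Restore order:", " -> ".join(restore_order(BIA, DEPENDS_ON)))
```

A non-empty result from `dependency_gaps` means the BIA is internally inconsistent: a resource is expected back sooner than something it cannot run without.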
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organizations
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
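An added example (not part of the original slides) of how the parity technique described above lets a RAID-5 array rebuild one failed disk, and why a second simultaneous failure cannot be recovered with single parity. The 4-byte block size, the function names and the sample record are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block (assumed; kept tiny so each stripe row is readable)


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) <= parity_drives:
        raise ValueError("not enough drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block moves one disk over on every row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, block=BLOCK):
    """Stripe data in blocks over n_disks, adding one parity block per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % row_bytes)  # fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[start + i * block:start + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        pdisk = parity_disk_for(row, n_disks)
        remaining = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == pdisk else next(remaining))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate the failed disk (marked None) by XOR-ing the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        pdisk = parity_disk_for(row, n_disks)
        for d in range(n_disks):
            if d != pdisk:
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Lose disk 1 of a four-disk array, rebuild it, and read the data back."""
    record = b"constructed sample: INV-0001 450.00; INV-0002 90.25"
    disks = raid5_write(record, n_disks=4)
    degraded = list(disks)
    degraded[1] = None                      # simulated single-disk failure
    degraded[1] = raid5_rebuild(degraded, failed=1)
    return raid5_read(degraded, len(record)) == record


if __name__ == "__main__":
    print("rebuilt array returns original data:", demo())
    print("4 x 500 GB, RAID-5 capacity:", array_capacity([500] * 4), "GB")
    print("4 x 500 GB, RAID-6 capacity:", array_capacity([500] * 4, 2), "GB")
```

The second capacity call uses two parity drives, which is the (no. of drives-2) case the RAID-6 slide gives.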
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks required: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tel. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Table columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values as extracted (row and column positions lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
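The parity technique and the RAID-5 layout listed above (block level striping with distributed parity), as an added Python example that is not part of the original slides. The 4-byte block size, the parity rotation order, the sample data and all function names are assumptions of this example; the capacity figures follow the formulas given on the RAID level slides.

```python
from functools import reduce

BLOCK = 4  # assumed block size in bytes; tiny so the sample spans several stripes


def xor_blocks(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive holding the parity block of a stripe; it rotates per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives, block=BLOCK):
    """Stripe data over n_drives with one parity block per stripe.

    Returns a list of drives, each drive being a list of blocks.
    """
    if n_drives < 3:
        raise ValueError("striping with parity needs at least 3 drives")
    per_stripe = (n_drives - 1) * block
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_drives - 1)]
        data_blocks = iter(chunks)
        for d in range(n_drives):
            if d == parity_drive(stripe, n_drives):
                drives[d].append(xor_blocks(chunks))
            else:
                drives[d].append(next(data_blocks))
    return drives


def read_array(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive(stripe, n):
                out += drives[d][stripe]
    return bytes(out[:length])


def rebuild(drives):
    """Recreate one failed drive (marked None) from the surviving drives.

    XOR of all surviving blocks in a stripe yields the missing block,
    whether that block held data or parity. Two failures are fatal.
    """
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover %d drives" % len(failed))
    if not failed:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    restored = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [restored if d is None else d for d in drives]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - k)."""
    smallest, n = min(drive_sizes), len(drive_sizes)
    if level == 0:
        return smallest * n            # no redundancy
    if level == 1:
        return smallest                # mirroring, 50% efficiency
    if level in (3, 4, 5):
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6:
        return smallest * (n - 2)      # dual parity
    raise ValueError("level not covered by this example")


if __name__ == "__main__":
    sample = b"constructed sample: inventory DB journal"  # constructed input
    array = write_array(sample, 4)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    print(read_array(rebuild(degraded), len(sample)))
    print(usable_capacity(5, [500, 500, 500, 500]), "GB usable on RAID-5")
```

Marking two drives as failed makes `rebuild` raise, which is the practical meaning of single-parity fault tolerance: the array survives one drive loss, not two.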
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)    Likelihood of Threat Occurrence (B)    Vulnerability (C)    Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
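Added example (not part of the original slides): the parity and RAID-5 slides above describe block-level striping with distributed parity, and this sketch shows how XOR parity lets a four-disk array survive the loss of any one disk but not two. The function names, the 16-byte stripe unit (a stand-in for the 16 kiB stripe size of the illustration) and the parity rotation order are assumptions chosen for illustration.

```python
"""RAID-5-style striping with distributed XOR parity (illustrative sketch)."""
from functools import reduce

STRIPE = 16  # bytes per stripe unit; constructed stand-in for a 16 kiB stripe


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, n_disks, stripe=STRIPE):
    """Stripe data over n_disks, placing one parity unit per row.

    The parity unit moves to a different disk on every row (assumed
    rotation order), which is what "distributed parity" means.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    per_row = stripe * (n_disks - 1)           # data bytes carried by one row
    padded = data + bytes(-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        units = [padded[off + i * stripe: off + (i + 1) * stripe]
                 for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - row) % n_disks
        units.insert(parity_disk, xor_blocks(units))
        for disk, unit in zip(disks, units):
            disk.append(unit)
    return disks


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk by XOR-ing the survivors."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_units) for row_units in zip(*survivors)]


def read_raid5(disks, length, failed=None):
    """Reassemble the data; a single failed disk is reconstructed first."""
    n = len(disks)
    if failed is not None:
        disks = disks[:failed] + [rebuild_disk(disks, failed)] + disks[failed + 1:]
    out = bytearray()
    for row in range(len(disks[0])):
        parity_disk = (n - 1 - row) % n
        for i in range(n):
            if i != parity_disk:               # skip the parity unit of this row
                out += disks[i][row]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    payload = bytes(range(200))                # constructed sample data
    array = write_raid5(payload, 4)
    for lost in range(4):
        ok = read_raid5(array, len(payload), failed=lost) == payload
        print(f"disk {lost} lost -> data recovered: {ok}")
    # Two simultaneous losses: disk 1 is wiped and disk 2 is rebuilt from
    # what remains, so the reconstruction is wrong and data is lost.
    wiped = [list(d) for d in array]
    wiped[1] = [bytes(STRIPE)] * len(wiped[1])
    print("two disks lost -> data recovered:",
          read_raid5(wiped, len(payload), failed=2) == payload)
    print("capacity, 4 x 500 GB, single parity:", usable_capacity([500] * 4))
    print("capacity, 4 x 500 GB, dual parity:", usable_capacity([500] * 4, 2))
```

The same `usable_capacity` call with `parity_drives=2` gives the RAID-6 figure from the later slide; the dual-parity encoding itself is not modelled here.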
RAID LEVELS
RAID-6
Technique used: Block-level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive * (no. of drives - 2)
Fault tolerance: Very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Number of hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: Very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & striping without parity
Most popular of the multiple RAID levels
Minimum 4 hard disks
Availability: Very good for RAID-01, excellent for RAID-10
Random read performance: Very good
Random write performance: Good
Fault tolerance: Very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load balancing is done by load balancers
Routers & switches with application-specific
integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interviewing personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 156
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A prerequisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Table values as extracted: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
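An added example, not part of the original slides: XOR parity as used by the parity-based RAID levels above, showing a RAID-5 style layout, the rebuild of one failed disk from the survivors, and the array capacity formula quoted on the slides. The function names, the parity rotation order and the sample bytes are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches RAID-3/4/5, parity_drives=2 matches RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def write_raid5(data, n_disks, block_size):
    """Stripe data block-wise over n_disks with distributed (rotating) parity.

    Returns one list of blocks per disk; index s in each list is stripe s.
    The rotation order used here is an assumption, real controllers vary.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    data_per_stripe = (n_disks - 1) * block_size
    # Pad the tail so the last stripe is full (padding is dropped on read).
    padded = data + b"\x00" * (-len(data) % data_per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // data_per_stripe):
        chunk = padded[s * data_per_stripe:(s + 1) * data_per_stripe]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity_disk = (n_disks - 1 - s) % n_disks  # parity moves each stripe
        remaining = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk:
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n_disks - 1 - s) % n_disks
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][s]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all surviving blocks in a stripe yields the missing block,
    whether that block held data or parity. Only one failure is tolerated.
    """
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


if __name__ == "__main__":
    # Constructed sample input, not taken from the slides.
    sample = b"constructed sample: inventory ledger rows 0001-0042"
    array = write_raid5(sample, n_disks=4, block_size=8)
    lost = 2
    replacement = rebuild_disk(array, lost)
    print("rebuilt disk matches:", replacement == array[lost])
    array[lost] = replacement
    print("data intact:", read_raid5(array, len(sample)) == sample)
    print("usable capacity (GB):", array_capacity([500, 500, 400, 500]))
```
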
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 157
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
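The parity technique and the capacity formula from the RAID-3/4/5 slides, worked through as an added Python example (it is not part of the original deck). It assumes XOR parity, the usual single-parity calculation, and a simple rotating parity placement; the function names and the 100 KiB sample data are constructed for illustration.

```python
"""RAID 5 sketch: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity = size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID 3/4/5 (minimum 3 disks),
    parity_drives=2 covers RAID 6 (minimum 4 disks).
    """
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("not enough drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(row, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left each row."""
    return (n_drives - 1 - row) % n_drives


def write_raid5(data, n_drives, unit=STRIPE_UNIT):
    """Stripe data over n_drives; each row has n_drives-1 data units and 1 parity unit."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least 3 drives")
    drives = [[] for _ in range(n_drives)]
    row_bytes = unit * (n_drives - 1)
    padded = data + bytes(-len(data) % row_bytes)  # zero-fill the last row
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        units = [padded[offset + i * unit: offset + (i + 1) * unit]
                 for i in range(n_drives - 1)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for d in range(n_drives):
            is_parity = d == parity_position(row, n_drives)
            drives[d].append(parity if is_parity else next(data_units))
    return drives


def rebuild_drive(drives, failed):
    """Recreate a failed drive: each lost unit is the XOR of the surviving
    units in the same row, whether the lost unit held data or parity."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(row_units) for row_units in zip(*survivors)]


def read_raid5(drives, length, unit=STRIPE_UNIT):
    """Reassemble the original data, skipping the parity unit in every row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        for d in range(n):
            if d != parity_position(row, n):
                out += drives[d][row]
    return bytes(out[:length])


def demo():
    """Write a constructed 100 KiB file to 4 drives, lose one, rebuild, verify."""
    data = bytes((i * 7 + 3) % 256 for i in range(100 * 1024))  # constructed sample
    drives = write_raid5(data, n_drives=4)
    original = drives[2]
    drives[2] = None                        # simulate the failure of drive 2
    drives[2] = rebuild_drive(drives, failed=2)
    return drives[2] == original and read_raid5(drives, len(data)) == data


if __name__ == "__main__":
    print("usable capacity, 4 x 500 GB, RAID 5:", usable_capacity([500] * 4), "GB")
    print("usable capacity, 4 x 500 GB, RAID 6:", usable_capacity([500] * 4, 2), "GB")
    print("rebuild after single-drive failure succeeded:", demo())
```

Single parity recovers exactly one lost unit per row, which is why the RAID-5 slide rates fault tolerance as good while RAID-6 adds a second parity unit.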
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Ratings: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
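The parity, striping and "Array Capacity" slides above, worked through as an added example that is not part of the original slides: data is striped with one XOR parity unit per row, one disk is lost, and its contents are rebuilt from the survivors. The 4-byte stripe unit, the rotating parity placement, the sample record and all function names are assumptions made for illustration; the capacity rules are the ones stated on the RAID-0 to RAID-6 slides.

```python
from functools import reduce

UNIT = 4  # bytes per stripe unit (constructed, tiny so the layout is easy to inspect)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Rotate the parity unit across the disks row by row (assumed placement)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, unit=UNIT):
    """Block-level striping with distributed parity; returns one list of units per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = unit * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, off in enumerate(range(0, len(padded), per_row)):
        units = [padded[off + i * unit: off + (i + 1) * unit] for i in range(n_disks - 1)]
        data_units = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(xor_blocks(units) if is_parity else next(data_units))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every unit of the failed disk as the XOR of the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("two disks lost: single parity cannot rebuild the array")
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity unit of each row."""
    n, out = len(disks), bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


def usable_capacity(level, sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    n, smallest = len(sizes), min(sizes)
    rules = {0: (2, n), 3: (3, n - 1), 4: (3, n - 1), 5: (3, n - 1), 6: (4, n - 2)}
    if level == 1:                      # mirroring: exactly 2 disks, 50% efficiency
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest
    if level not in rules:
        raise ValueError("level not covered by this example")
    minimum, data_disks = rules[level]
    if n < minimum:
        raise ValueError(f"RAID-{level} needs at least {minimum} hard disks")
    return smallest * data_disks


def rebuild_demo():
    """Lose disk 2 of a four-disk array, rebuild it, and confirm the data is intact."""
    record = b"ledger: constructed sample payroll record 0001"  # constructed input
    disks = raid5_write(record, 4)
    original = disks[2]
    disks[2] = None                     # simulated single-disk failure
    disks[2] = raid5_rebuild(disks, 2)
    return disks[2] == original and raid5_read(disks, len(record)) == record


if __name__ == "__main__":
    print("rebuild after one failure:", rebuild_demo())
    print("RAID-5, drives 500/500/250 GB ->", usable_capacity(5, [500, 500, 250]), "GB usable")
```

With single parity a second concurrent failure leaves two unknowns per row, which is why `raid5_rebuild` refuses it and why the RAID-6 slide adds a second parity unit.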
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
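Added worked example (not part of the original slides) for the PARITY slide and the "Size of smallest drive*(no. of drives-1)" capacity figures on the RAID-3 to RAID-6 slides: it writes data with RAID-5 style distributed XOR parity, rebuilds a failed drive from the survivors, and computes usable capacity per level. The 4-byte block size, the parity rotation order, the function names and the sample data are assumptions made for illustration.

```python
from functools import reduce

BLOCK = 4  # constructed tiny stripe unit (bytes) so the layout is easy to inspect


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_raid5(data, n_drives, block=BLOCK):
    """Block-level striping with distributed parity.

    Returns one list of blocks per drive. Parity rotates across drives
    from stripe to stripe (rotation order is an assumption of this example).
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[offset + i * block: offset + (i + 1) * block]
                  for i in range(n_drives - 1)]
        parity_drive = (n_drives - 1 - stripe) % n_drives
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == parity_drive
                             else next(remaining))
    return drives


def rebuild_drive(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    XOR of all other blocks in a stripe yields the missing block, whether it
    held data or parity. A second failure leaves nothing to XOR against.
    """
    failed = set(failed)
    if len(failed) != 1:
        raise ValueError("single parity recovers exactly one failed drive")
    survivors = [d for i, d in enumerate(drives) if i not in failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(drives, length):
    """Reassemble the original byte stream, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        parity_drive = (n - 1 - stripe) % n
        for d in range(n):
            if d != parity_drive:
                out += drives[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * number of data-bearing drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {  # level: (minimum disks, data-bearing disks)
        0: (2, n),          # striping, no redundancy (100% if drives identical)
        1: (2, 1),          # mirroring, exactly 2 disks (50%)
        3: (3, n - 1), 4: (3, n - 1), 5: (3, n - 1),  # one drive's worth of parity
        6: (4, n - 2),      # dual parity
    }
    if level not in rules:
        raise ValueError("level not covered by this example")
    minimum, data_disks = rules[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError("wrong number of disks for RAID-%d" % level)
    return smallest * data_disks


if __name__ == "__main__":
    sample = b"constructed sample: inventory DB journal"
    array = write_raid5(sample, 4)
    lost = 2
    print("rebuilt drive matches:", rebuild_drive(array, [lost]) == array[lost])
    print("RAID-5, 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", usable_capacity(6, [500] * 4), "GB usable")
```
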
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 160
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource               Outage Impact                                 Allowable Outage Time
Authentication Server  User could not access Inventory System        8 hours
Database Server        User could not access Inventory System        8 hours
E-mail Server          User could not send e-mail                    2 days
5 Desktop Computers    User could not access Inventory System        8 hours
Hub                    User could not access Inventory System        8 hours
Network Cabling        User could not access Inventory System        8 hours
Electric Power         User could not access Inventory System        8 hours
Printer                User could not produce Inventory Reports      4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D = A+B+C); Risk Ranking (E)
Risk Ranking values shown: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization's business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                             Recovery Priority
Authentication Server                High
Database Server                      High
5 Desktop Computers                  High
1 Hub                                High
E-mail Server                        Medium
Printer                              Medium
Remaining Desktop Computers (45)     Low
Remaining Hub (5)                    Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 161
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
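The allowable outage times from the Outage Impact slide and the ordering implied by the Recovery Priorities slide can be tested against a proposed recovery sequence before a disaster does it for you. The following is an added example, not part of the original deck: restore durations are constructed estimates, tasks are assumed independent, and recovery teams are assumed interchangeable.

```python
import heapq
from dataclasses import dataclass

@dataclass(frozen=True)
class Resource:
    name: str
    allowable_outage_h: float  # from the Outage Impact slide (2 days = 48 h, 4 days = 96 h)
    restore_h: float           # constructed estimate, not from the slides

# Listed in a plausible dependency order; the stable sort below preserves it
# among resources that share the same allowable outage time.
RESOURCES = [
    Resource("Electric Power", 8, 1.0),
    Resource("Network Cabling", 8, 1.0),
    Resource("Hub", 8, 0.5),
    Resource("Authentication Server", 8, 2.0),
    Resource("Database Server", 8, 3.0),
    Resource("5 Desktop Computers", 8, 1.0),
    Resource("E-mail Server", 48, 4.0),
    Resource("Printer", 96, 1.0),
]

def recovery_schedule(resources, teams=1):
    """Earliest-deadline-first list scheduling across `teams` parallel recovery teams.

    Optimal for one team; a reasonable heuristic for several.
    """
    order = sorted(resources, key=lambda r: r.allowable_outage_h)
    free_at = [(0.0, t) for t in range(teams)]  # (hour the team becomes free, team id)
    heapq.heapify(free_at)
    rows = []
    for r in order:
        start, team = heapq.heappop(free_at)
        finish = start + r.restore_h
        heapq.heappush(free_at, (finish, team))
        rows.append({"name": r.name, "team": team, "start": start,
                     "finish": finish, "deadline": r.allowable_outage_h})
    return rows

def breaches(rows):
    """Resources whose restoration completes after their allowable outage time."""
    return [row["name"] for row in rows if row["finish"] > row["deadline"]]

def min_teams(resources):
    """Smallest number of teams with no breach, or None if no team count can help."""
    for teams in range(1, len(resources) + 1):
        if not breaches(recovery_schedule(resources, teams)):
            return teams
    return None  # some single task already takes longer than its allowance

if __name__ == "__main__":
    for n in (1, 2):
        print(n, "team(s): breaches =", breaches(recovery_schedule(RESOURCES, n)))
    print("minimum teams:", min_teams(RESOURCES))
```

With these estimates a single team restores the desktops at hour 8.5 and misses the 8-hour allowance, which is the kind of gap a plan test or audit should surface.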
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring
high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
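Added example (not part of the original slides): a small Python model of the RAID-5 technique described above, block-level striping with distributed parity, where each stripe's parity block is the XOR of its data blocks. It rebuilds a failed disk from the survivors, shows that a second failure is unrecoverable, and applies the slides' array-capacity formulas; the 4-byte block size, function names and sample data are assumptions made for the illustration.

```python
"""RAID-5-style striping with distributed XOR parity (illustrative model)."""
from functools import reduce

BLOCK = 4  # bytes per block; assumed tiny value, real arrays use KiB-sized stripes


def xor_blocks(blocks):
    """XOR equal-length byte blocks together: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Parity rotates across the disks from stripe to stripe (distributed parity)."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; each stripe holds n-1 data blocks and 1 parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = BLOCK * (n_disks - 1)
    data = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * BLOCK: off + (i + 1) * BLOCK]
                  for i in range(n_disks - 1)]
        remaining = iter(chunks)
        for d in range(n_disks):
            if d == parity_disk(s, n_disks):
                disks[d].append(xor_blocks(chunks))
            else:
                disks[d].append(next(remaining))
    return disks


def rebuild(disks):
    """Recompute a lost disk (marked None) block by block from the survivors."""
    lost = [i for i, d in enumerate(disks) if d is None]
    if len(lost) > 1:
        raise RuntimeError("two disks lost: single parity cannot recover the data")
    if not lost:
        return list(disks)
    survivors = [d for d in disks if d is not None]
    # XOR of all surviving blocks in a stripe yields the missing block,
    # whether the missing block held data or parity.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * (drives - parity drives)."""
    parity_drives = {"RAID-3": 1, "RAID-4": 1, "RAID-5": 1, "RAID-6": 2}[level]
    minimum = 4 if level == "RAID-6" else 3
    if len(drive_sizes) < minimum:
        raise ValueError(f"{level} needs a minimum of {minimum} hard disks")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Fail each of four disks in turn and check the data survives the rebuild."""
    data = b"constructed sample: inventory ledger batch 0042"
    disks = write_raid5(data, 4)
    results = {}
    for failed in range(4):
        damaged = list(disks)
        damaged[failed] = None  # simulate the drive failure
        results[failed] = read_raid5(rebuild(damaged), len(data)) == data
    return results


if __name__ == "__main__":
    print(demo())
    print(usable_capacity("RAID-5", [500, 500, 250, 500]),
          usable_capacity("RAID-6", [500, 500, 250, 500]))
```

The mixed drive sizes in the last call show why the capacity formula uses the smallest drive: the extra space on the larger drives is not used.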
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 162
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Cell values as extracted: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking values: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance
to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal,
audit, users, telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
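The parity and RAID-3 to RAID-6 slides above, worked through as an added example (not part of the original slides): a toy RAID-5 in Python that stripes data in blocks, rotates XOR parity across the drives, rebuilds any single failed drive from the survivors, and applies the slides' array-capacity formula. The parity rotation order, the 8-byte chunk size and the sample record are assumptions chosen for illustration; real controllers use their own layouts.

```python
"""Toy RAID-5: block-level striping with distributed XOR parity (illustration only)."""
from functools import reduce

# Parity drives and minimum drive counts as stated on the RAID level slides.
PARITY_DRIVES = {"raid3": 1, "raid4": 1, "raid5": 1, "raid6": 2}
MIN_DRIVES = {"raid3": 3, "raid4": 3, "raid5": 3, "raid6": 4}


def usable_capacity(level, drive_sizes):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives)."""
    if len(drive_sizes) < MIN_DRIVES[level]:
        raise ValueError(f"{level} needs at least {MIN_DRIVES[level]} drives")
    return min(drive_sizes) * (len(drive_sizes) - PARITY_DRIVES[level])


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, chunk):
    """Return one list of chunks per disk, with one parity chunk in every stripe."""
    if n_disks < MIN_DRIVES["raid5"]:
        raise ValueError("RAID-5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * chunk
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * chunk: off + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        data_chunks = iter(chunks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(data_chunks))
    return disks


def raid5_read(disks, length, failed=None):
    """Read the data back; if one disk index has failed, rebuild its chunks by
    XOR-ing the surviving chunks of the same stripe (data and parity alike)."""
    n_disks = len(disks)
    survivors = [d for i, d in enumerate(disks) if i != failed]
    out = bytearray()
    for stripe in range(len(survivors[0])):
        row = []
        for d in range(n_disks):
            if d == failed:
                row.append(xor_blocks([s[stripe] for s in survivors]))
            else:
                row.append(disks[d][stripe])
        p = parity_disk(stripe, n_disks)
        out += b"".join(blk for d, blk in enumerate(row) if d != p)
    return bytes(out[:length])


def demo():
    """Lose each of four disks in turn and check the data is still readable."""
    data = b"GL-POST 2001-09-11 acct=4711 amt=1500.00;" * 3  # constructed sample
    disks = raid5_write(data, n_disks=4, chunk=8)
    results = {}
    for failed in range(4):
        damaged = [None if i == failed else d for i, d in enumerate(disks)]
        results[failed] = raid5_read(damaged, len(data), failed) == data
    return results


if __name__ == "__main__":
    print("recovered after single-disk loss:", demo())
    print("RAID-5 capacity, drives of 500/500/400/500 GB:",
          usable_capacity("raid5", [500, 500, 400, 500]), "GB")
```

A second simultaneous failure leaves two unknown chunks per stripe and only one XOR equation, which is why single parity cannot recover it and RAID-6 carries a second, independent parity.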
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 163
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of a malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for the health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
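The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: data is striped in blocks with the parity block rotated between disks, one disk is lost and rebuilt by XOR, and the slides' capacity formula is computed. The 4-byte stripe unit, the rotation order and all function names are assumptions chosen for illustration; the sample payload is constructed.

```python
"""Added illustration: RAID-5 style block striping with distributed parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per block; constructed small value, real arrays use KiB


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks):
    """Stripe data over n_disks; each stripe holds n-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * STRIPE_UNIT
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")   # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + STRIPE_UNIT]
                  for i in range(0, per_stripe, STRIPE_UNIT)]
        data_blocks = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk_for(s, n_disks):
                disks[d].append(xor_blocks(blocks))  # redundancy information
            else:
                disks[d].append(next(data_blocks))
    return disks


def rebuild(disks):
    """Recompute a failed disk (marked None) from the surviving disks.

    All blocks of a stripe XOR to zero, so the missing block, data or
    parity, equals the XOR of the blocks that are still readable.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise RuntimeError("single parity cannot recover %d disks" % len(failed))
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in disks]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(s, n):
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    payload = b"ledger: closing balances (constructed sample)"
    disks = write_raid5(payload, 4)
    degraded = list(disks)
    degraded[2] = None                               # simulate one failed drive
    recovered = read_raid5(rebuild(degraded), len(payload))
    return {
        "recovered_ok": recovered == payload,
        "raid5_capacity_gb": array_capacity([500, 500, 500, 500]),
        "raid6_capacity_gb": array_capacity([500, 500, 500, 500], parity_drives=2),
    }


if __name__ == "__main__":
    print(demo())
```

Losing a second disk before the rebuild finishes makes `rebuild` raise, which is the gap that the dual parity of RAID-6 closes at the cost of one more drive of capacity.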
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 164
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost, Likelihood of Threat Occurrence, Vulnerability (A, B, C); Measure of Risk D = A+B+C; Risk Ranking E
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
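The parity and striping slides above, and the RAID-5 capacity formula, can be seen working in a short model. This is an added example, not part of the original slides: the function names, the left-rotating parity placement and the zero padding are assumptions made for illustration, and the RAID-0 figure for unequal drives assumes every member is truncated to the smallest drive.

```python
"""Model of block-level striping with distributed XOR parity (RAID-5 style)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Assumed rotation: parity starts on the last drive and moves left per stripe."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Split data into stripes of (n_drives - 1) data blocks plus one parity block.

    Returns one list of blocks per drive.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    data_blocks = n_drives - 1
    stripe_bytes = data_blocks * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(padded), stripe_bytes)):
        chunks = [padded[offset + i * block_size: offset + (i + 1) * block_size]
                  for i in range(data_blocks)]
        parity = xor_blocks(chunks)
        p = parity_drive_for(stripe, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(remaining))
    return drives


def raid5_rebuild(drives, failed):
    """Recreate every block of the failed drive from the surviving drives.

    XOR of all surviving blocks in a stripe yields the missing block, whether
    that block held data or parity. A second lost drive cannot be recovered.
    """
    survivors = [blocks for i, blocks in enumerate(drives) if i != failed]
    if any(blocks is None for blocks in survivors):
        raise ValueError("more than one drive lost: single parity cannot rebuild")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive_for(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas and minimum disk counts on the slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == "RAID-1":
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest  # 50% storage efficiency
    # level: (minimum disks, drives' worth of capacity spent on redundancy)
    rules = {"RAID-0": (2, 0), "RAID-3": (3, 1), "RAID-4": (3, 1),
             "RAID-5": (3, 1), "RAID-6": (4, 2)}
    minimum, redundant = rules[level]
    if n < minimum:
        raise ValueError(f"{level} needs a minimum of {minimum} hard disks")
    return smallest * (n - redundant)


if __name__ == "__main__":
    payload = bytes(range(100))          # constructed sample data
    array = raid5_write(payload, n_drives=4, block_size=16)
    array[2] = None                      # simulate losing one drive
    array[2] = raid5_rebuild(array, failed=2)
    print("data intact after rebuild:", raid5_read(array, len(payload)) == payload)
    print("4 x 500 GB RAID-5 usable:", usable_capacity("RAID-5", [500] * 4), "GB")
```

Rebuilding reads every surviving drive end to end, which is why a second failure during the rebuild window is the case RAID-6's dual parity is meant to cover.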
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset
Likelihood of Threat Occurrence (A)
Vulnerability (B)
Cost (C)
Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business
has concentrated people or operational
centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during and
after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
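The parity technique and the RAID-5 layout from the slides above (block-level striping with distributed parity, capacity = size of smallest drive * (no. of drives - 1)), as an added example that is not part of the original slides. All function names are hypothetical; the parity rotation order, the zero padding of the last stripe and the RAID-0 capacity rule are assumptions of this sketch.

```python
"""RAID-5 sketch: XOR parity, rotating parity placement, single-drive rebuild."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive index holding parity for a stripe (assumed rotation order)."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data, n_drives, block_size):
    """Stripe data across n_drives; each stripe = n_drives-1 data blocks + 1 parity block."""
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_drives - 1) * block_size
    # Assumption: the final partial stripe is zero-padded to full width.
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(n_drives - 1)]
        data_iter = iter(blocks)
        p = parity_drive(stripe, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == p else next(data_iter))
    return drives


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each stripe."""
    n = len(drives)
    out = bytearray()
    for stripe in range(len(drives[0])):
        p = parity_drive(stripe, n)
        for d in range(n):
            if d != p:
                out += drives[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(drives, failed):
    """Recompute every block of one failed drive from the surviving drives.

    XOR of all blocks in a stripe is zero, so the missing block equals the
    XOR of the others. This only holds when exactly one drive is missing.
    """
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def array_capacity(level, drive_sizes):
    """Usable capacity per the formulas on the slides (sizes in any one unit)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:                      # striping, no redundancy
        if n < 2:
            raise ValueError("RAID-0 needs a minimum of 2 hard disks")
        return smallest * n             # assumption: stripes limited by smallest drive
    if level == 1:                      # mirroring
        if n != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest
    if level in (3, 4, 5):              # one drive's worth of parity
        if n < 3:
            raise ValueError("RAID-3/4/5 need a minimum of 3 hard disks")
        return smallest * (n - 1)
    if level == 6:                      # dual distributed parity
        if n < 4:
            raise ValueError("RAID-6 needs a minimum of 4 hard disks")
        return smallest * (n - 2)
    raise ValueError("level not covered by this sketch")


if __name__ == "__main__":
    # Constructed sample data standing in for critical business records.
    sample = b"constructed ledger rows for a DR drill: txn-0001, txn-0002, txn-0003"
    array = raid5_write(sample, n_drives=4, block_size=8)
    lost = 2
    rebuilt = raid5_rebuild(array, lost)
    print("drive", lost, "rebuilt correctly:", rebuilt == array[lost])
    print("data intact:", raid5_read(array, len(sample)) == sample)
    print("usable capacity, 4 x 500 GB RAID-5:", array_capacity(5, [500] * 4), "GB")
```

A second simultaneous drive failure cannot be rebuilt this way, which is why the slides rate RAID-6 (dual parity) above RAID-5 for fault tolerance and why RAID does not replace the off-site backups covered earlier in the deck.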
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = (A+B+C)/3 | Risk Ranking (E)
4 | 5 | 3 | 4 | High
3 | 3 | 3 | 3 | Moderate
5 | 5 | 5 | 5 | Very High
4 | 1 | 1 | 2 | Low
1 | 1 | 1 | 1 | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Tele Communication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
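The parity and RAID-5 slides above, as an added worked example (not part of the original presentation): an in-memory Python model of block-level striping with distributed parity that keeps serving data with one failed disk, rebuilds the replaced disk from XOR parity, and scrubs for inconsistent stripes. The parity rotation order, the class and function names and the constructed 100 KiB payload are assumptions; the capacity formulas and minimum drive counts are the ones listed on the RAID level slides.

```python
from functools import reduce

CHUNK = 16 * 1024  # 16 KiB stripe unit, the size used in the slide illustrations

# Minimum drive counts as listed on the RAID level slides.
MIN_DISKS = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}


def usable_capacity(level, drive_sizes):
    """Usable array capacity from the slide formulas (same unit as the input)."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DISKS or n < MIN_DISKS[level] or (level == 1 and n != 2):
        raise ValueError("unsupported level or drive count")
    if level == 0:
        return smallest * n          # striping only: 100% efficiency, no redundancy
    if level == 1:
        return smallest              # mirrored pair: 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID 3/4/5: one drive's worth of parity


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


class Raid5:
    """In-memory model: block-level striping with distributed (rotating) parity."""

    def __init__(self, n_disks, chunk=CHUNK):
        if n_disks < MIN_DISKS[5]:
            raise ValueError("RAID 5 needs at least 3 disks")
        self.n, self.chunk, self.stripes = n_disks, chunk, 0
        self.disks = [{} for _ in range(n_disks)]   # per disk: stripe number -> chunk

    def parity_disk(self, stripe):
        # Assumed rotation scheme: parity moves one disk to the left each stripe.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        per_stripe = self.chunk * (self.n - 1)
        data += bytes(-len(data) % per_stripe)       # zero-pad the last stripe
        self.stripes = len(data) // per_stripe
        for s in range(self.stripes):
            row = data[s * per_stripe:(s + 1) * per_stripe]
            chunks = [row[i:i + self.chunk] for i in range(0, per_stripe, self.chunk)]
            data_disks = [d for d in range(self.n) if d != self.parity_disk(s)]
            for d, c in zip(data_disks, chunks):
                self.disks[d][s] = c
            self.disks[self.parity_disk(s)][s] = xor_blocks(chunks)

    def fail(self, disk):
        self.disks[disk] = None                      # simulate a dead drive

    def _chunk(self, disk, stripe):
        failed = [d for d in range(self.n) if self.disks[d] is None]
        if len(failed) > 1:
            raise OSError("RAID 5 tolerates only one failed disk")
        if disk not in failed:
            return self.disks[disk][stripe]
        # Degraded read: XOR of all surviving chunks in the stripe.
        return xor_blocks([self.disks[d][stripe] for d in range(self.n) if d != disk])

    def read(self, length):
        out = bytearray()
        for s in range(self.stripes):
            for d in range(self.n):
                if d != self.parity_disk(s):
                    out += self._chunk(d, s)
        return bytes(out[:length])

    def rebuild(self, disk):
        """Repopulate a replaced drive from the survivors."""
        self.disks[disk] = {s: self._chunk(disk, s) for s in range(self.stripes)}

    def scrub(self):
        """On a healthy array, return stripes whose data and parity do not XOR to zero."""
        zero = bytes(self.chunk)
        return [s for s in range(self.stripes)
                if xor_blocks([self.disks[d][s] for d in range(self.n)]) != zero]


if __name__ == "__main__":
    payload = bytes(i % 251 for i in range(100 * 1024))   # constructed 100 KiB file
    array = Raid5(4)
    array.write(payload)
    array.fail(1)
    print("degraded read intact:", array.read(len(payload)) == payload)
    array.rebuild(1)
    print("inconsistent stripes after rebuild:", array.scrub())
    print("usable capacity of 4 x 500 GB:", usable_capacity(5, [500] * 4), "GB")
```

A second failure before the rebuild completes raises an error in this model, which is the exposure window that dual parity (RAID-6) is meant to cover.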
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 167
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values as extracted (row and column order lost): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings shown: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control,
legal,
audit,
users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.  Change Comment  Date of Change  Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
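The parity and RAID-5 slides above describe redundancy information calculated from the data and spread across the drives. The following is an added example, not part of the original deck: a small in-memory simulation of block-level striping with distributed XOR parity. The class and function names, the parity rotation order and the sample record are assumptions made for illustration.

```python
from functools import reduce


class ArrayFailed(Exception):
    """Raised when more drives are lost than RAID 5 can tolerate."""


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the RAID parity operation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity as on the slide: smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


class Raid5:
    """Hypothetical in-memory RAID 5 array; each drive is a list of blocks."""

    def __init__(self, n_drives, block_size=4):
        if n_drives < 3:
            raise ValueError("RAID 5 needs a minimum of 3 hard disks")
        self.n = n_drives
        self.block_size = block_size
        self.stripes = 0
        self.drives = [[] for _ in range(n_drives)]

    def parity_drive(self, stripe):
        # Assumed rotation: parity moves one drive to the left per stripe,
        # so no single drive holds all the parity (unlike RAID 3 and RAID 4).
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        """Split data into stripes of n-1 data blocks plus one parity block."""
        bs = self.block_size
        per_stripe = bs * (self.n - 1)
        padded = data + b"\x00" * (-len(data) % per_stripe)
        for off in range(0, len(padded), per_stripe):
            chunk = padded[off:off + per_stripe]
            blocks = [chunk[i:i + bs] for i in range(0, per_stripe, bs)]
            parity_at = self.parity_drive(self.stripes)
            data_iter = iter(blocks)
            for d in range(self.n):
                block = xor_blocks(blocks) if d == parity_at else next(data_iter)
                self.drives[d].append(block)
            self.stripes += 1

    def fail(self, drive):
        """Simulate total loss of one drive."""
        self.drives[drive] = None

    def _block(self, drive, stripe):
        failed = [d for d in range(self.n) if self.drives[d] is None]
        if drive not in failed:
            return self.drives[drive][stripe]
        if len(failed) > 1:
            raise ArrayFailed("two drives lost: single parity cannot reconstruct")
        # The missing block is the XOR of every surviving block in the stripe,
        # whether the missing block held data or parity.
        return xor_blocks([self.drives[d][stripe]
                           for d in range(self.n) if d != drive])

    def read(self, length):
        """Read data back, reconstructing on the fly if one drive is down."""
        out = bytearray()
        for s in range(self.stripes):
            parity_at = self.parity_drive(s)
            for d in range(self.n):
                if d != parity_at:
                    out += self._block(d, s)
        return bytes(out[:length])

    def rebuild(self, drive):
        """Regenerate a replaced drive block by block from the survivors."""
        self.drives[drive] = [self._block(drive, s) for s in range(self.stripes)]


def demo():
    data = b"GENERAL LEDGER 2024: constructed sample record"  # constructed input
    array = Raid5(n_drives=4, block_size=4)
    array.write(data)
    array.fail(2)                       # one drive lost: degraded mode
    degraded_ok = array.read(len(data)) == data
    array.rebuild(2)                    # replacement drive regenerated
    rebuilt_ok = array.read(len(data)) == data
    array.fail(0)
    array.fail(3)                       # two drives lost: beyond RAID 5
    try:
        array.read(len(data))
        survived_double = True
    except ArrayFailed:
        survived_double = False
    return degraded_ok, rebuilt_ok, survived_double


if __name__ == "__main__":
    print(demo())
    print(usable_capacity([500, 500, 250, 500]))
```

The double-failure case is why RAID does not replace the backups covered earlier in the deck: single parity survives only one lost drive.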
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
Data
Information
Software
Documentation
Physical
People
Hardware
Facilities
Documentation
Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                               Allowable Outage Time
Authentication Server  User could not access Inventory System      8 hours
Database Server        User could not access Inventory System      8 hours
E-mail Server          User could not send e-mail                  2 days
5 Desktop Computers    User could not access Inventory System      8 hours
Hub                    User could not access Inventory System      8 hours
Network Cabling        User could not access Inventory System      8 hours
Electric Power         User could not access Inventory System      8 hours
Printer                User could not produce Inventory Reports    4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost A
Likelihood of Threat Occurrence B
Vulnerability C
Measure of Risk D = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats,
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
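The outage table earlier in the deck shows that losing the hub or the network cabling alone stops users reaching the Inventory System, which is what "single point of failure" means in practice. The following is an added example, not part of the original slides, that finds such components in a small topology and shows that redundancy at one layer does not remove them at another. The topology, the `core-switch` device and all host names are constructed assumptions.

```python
"""Find single points of failure between clients and a service (added example)."""
from collections import deque

# Constructed topology: two desktops reach the database server through one hub
# and one hypothetical core switch.
CLIENTS = ["desktop-1", "desktop-2"]
SERVICE = "database-server"
BASELINE = [
    ("desktop-1", "hub-1"), ("desktop-2", "hub-1"),
    ("hub-1", "core-switch"), ("core-switch", SERVICE),
]
# Redundant cabling and a second hub for every desktop.
WITH_SECOND_HUB = BASELINE + [
    ("desktop-1", "hub-2"), ("desktop-2", "hub-2"), ("hub-2", "core-switch"),
]
# A second switch cabled to both hubs and to the server.
FULLY_REDUNDANT = WITH_SECOND_HUB + [
    ("hub-1", "core-switch-b"), ("hub-2", "core-switch-b"),
    ("core-switch-b", SERVICE),
]


def reachable(links, src, dst, down=frozenset()):
    """Breadth-first search from src to dst, ignoring components listed in `down`."""
    if src in down or dst in down:
        return False
    adjacency = {}
    for a, b in links:
        if a not in down and b not in down:
            adjacency.setdefault(a, set()).add(b)
            adjacency.setdefault(b, set()).add(a)
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for neighbour in adjacency.get(node, ()):
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append(neighbour)
    return False


def single_points_of_failure(links, clients, service):
    """Intermediate components whose failure alone cuts any client off from the service.

    The clients and the service itself are excluded: the question here is which
    network devices need a redundant partner.
    """
    devices = {n for link in links for n in link} - set(clients) - {service}
    return sorted(
        device for device in devices
        if any(not reachable(links, c, service, down={device}) for c in clients)
    )


if __name__ == "__main__":
    for name, topology in [("baseline", BASELINE),
                           ("second hub", WITH_SECOND_HUB),
                           ("fully redundant", FULLY_REDUNDANT)]:
        print(name, single_points_of_failure(topology, CLIENTS, SERVICE))
```

Adding the second hub clears `hub-1` from the list but leaves the switch, so the check has to be repeated after each redundancy change.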
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is
500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
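The RAID-5 slides' "block level striping with distributed parity" and the capacity formula "size of smallest drive*(no. of drives-1)", worked through as an added example that is not part of the original slides. It is a toy Python model: the 4-byte block size, the function names and the sample payload are assumptions chosen for illustration.

```python
"""Toy RAID-5 model: block-level striping with distributed (rotating) parity."""
from functools import reduce

BLOCK = 4  # bytes per block; deliberately tiny (constructed value, not a real stripe size)


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Formula from the slide: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def write_array(data, n_disks):
    """Stripe data across n_disks: n_disks-1 data blocks plus 1 parity block per stripe.

    The parity block sits on a different disk in each stripe; that rotation is
    what separates RAID-5 from the dedicated parity disk of RAID-3 and RAID-4.
    Returns a list of disks, each a list holding one block per stripe.
    """
    per_stripe = (n_disks - 1) * BLOCK
    padded_len = -(-len(data) // per_stripe) * per_stripe  # round up to whole stripes
    data = data.ljust(padded_len, b"\0")
    disks = [[] for _ in range(n_disks)]
    for s in range(padded_len // per_stripe):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity_disk = (n_disks - 1 - s) % n_disks
        blocks.insert(parity_disk, xor_blocks(blocks))
        for d in range(n_disks):
            disks[d].append(blocks[d])
    return disks


def rebuild(disks, failed):
    """Recompute every block of one failed disk as the XOR of the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("more than one disk missing: RAID-5 cannot rebuild")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the data, skipping the rotating parity block of each stripe."""
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = (n - 1 - s) % n
        for d in range(n):
            if d != parity_disk:
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Return (single-disk loss recovered?, double-disk loss recovered?)."""
    payload = b"ledger-2024: invoices, receipts, journal entries"  # constructed sample
    disks = write_array(payload, 4)

    lost = disks[2]
    disks[2] = None                       # one disk fails
    disks[2] = rebuild(disks, failed=2)   # hot-swap and rebuild from parity
    one_ok = disks[2] == lost and read_array(disks, len(payload)) == payload

    disks[0] = disks[1] = None            # two disks fail before a rebuild finishes
    try:
        rebuild(disks, failed=0)
        two_ok = True
    except RuntimeError:
        two_ok = False
    return one_ok, two_ok


if __name__ == "__main__":
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    print("recovered after (one, two) disk failures:", demo())
```

The second result is why the deck treats RAID as a fault-tolerance control alongside off-site backup rather than a replacement for it: a second failure during the rebuild window leaves nothing to recompute from.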
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware and software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 169
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high
fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
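The parity and RAID-5 slides above, as an added example that is not part of the original deck: a small in-memory Python model of block-level striping with distributed XOR parity, showing how one failed disk is rebuilt from the survivors and why a second failure is unrecoverable. The 16-byte block size, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""In-memory model of RAID-5: block-level striping with distributed XOR parity.

Added teaching example; block size, parity rotation order and the sample
data are assumptions, not taken from the slides.
"""
from functools import reduce

BLOCK_SIZE = 16  # bytes per block (assumed; real arrays use KiB-sized stripes)

# Constructed sample data standing in for a critical application's records.
SAMPLE = b"constructed sample: inventory system transaction record; " * 4


def xor_blocks(blocks):
    """Parity of equal-length blocks: byte-wise XOR across all of them."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_capacity(drive_sizes):
    """Array capacity = size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(stripe_no, n_disks):
    """Disk that holds parity for a stripe; rotates from stripe to stripe."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks, block_size=BLOCK_SIZE):
    """Stripe data over n_disks; returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        chunk = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        data_blocks = [chunk[i:i + block_size]
                       for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(data_blocks)
        p = parity_disk(stripe_no, n_disks)
        remaining = iter(data_blocks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def read_array(disks, length):
    """Reassemble the data blocks in order, skipping each stripe's parity."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        p = parity_disk(stripe_no, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute a failed disk (marked None) from all surviving disks.

    XOR of every block in a stripe is zero, so the missing block, whether
    data or parity, equals the XOR of the surviving blocks.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("more than one disk missing: RAID-5 cannot recover")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def survives_single_failure(data, n_disks, failed):
    """Write, lose one disk, rebuild it, and confirm the data reads back."""
    disks = write_array(data, n_disks)
    disks[failed] = None
    disks[failed] = rebuild_disk(disks, failed)
    return read_array(disks, len(data)) == data


if __name__ == "__main__":
    print("usable capacity (GB):", raid5_capacity([500, 500, 320, 500]))
    for lost in range(4):
        print("disk", lost, "lost, recovered:",
              survives_single_failure(SAMPLE, 4, lost))
```

The same rebuild logic covers RAID-3 and RAID-4, where the parity position is fixed instead of rotating.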
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 170
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                          Recovery Priority
Authentication Server             High
Database Server                   High
5 Desktop Computers               High
1 Hub                             High
E-mail Server                     Medium
Printer                           Medium
Remaining Desktop Computers (45)  Low
Remaining Hub (5)                 Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
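The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: data is striped over a four-disk array with a 16 kiB stripe size, one XOR parity block per row is rotated across the disks, and a failed disk is recomputed from the survivors. The function names, the parity rotation order and the sample file contents are assumptions made for this illustration; real controllers use several layouts.

```python
"""RAID 5 in miniature: block-level striping with distributed XOR parity."""
import hashlib
from functools import reduce

STRIPE_UNIT = 16 * 1024   # 16 KiB stripe size, as in the slide illustration
N_DISKS = 4               # four-disk array, as in the slide illustration


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def write_raid5(data, n_disks=N_DISKS, unit=STRIPE_UNIT):
    """Return one list of blocks per disk; each row has n_disks-1 data blocks + parity."""
    per_row = (n_disks - 1) * unit
    padded = data + b"\0" * (-len(data) % per_row)   # zero-fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        chunks = [padded[offset + i * unit: offset + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_blocks = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk(row, n_disks) else next(data_blocks))
    return disks


def rebuild(disks):
    """Return a repaired copy of the array; a failed disk is marked None.

    XOR of all blocks in a row is zero, so any one missing block (data or
    parity) equals the XOR of the surviving blocks in that row.
    """
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot recover %d failed disks" % len(missing))
    repaired = list(disks)
    if missing:
        survivors = [d for d in disks if d is not None]
        repaired[missing[0]] = [xor_blocks(row) for row in zip(*survivors)]
    return repaired


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(row, n_disks):
                out += disks[d][row]
    return bytes(out[:length])


def sample_data():
    """Constructed input: four 'files' with the sizes named on the slide."""
    sizes_kib = {"red": 4, "blue": 20, "green": 100, "magenta": 500}
    return b"".join(hashlib.shake_256(name.encode()).digest(kib * 1024)
                    for name, kib in sizes_kib.items())


if __name__ == "__main__":
    data = sample_data()
    disks = write_raid5(data)
    print("rows per disk:", len(disks[0]))
    damaged = [None if i == 2 else d for i, d in enumerate(disks)]   # disk 2 fails
    repaired = rebuild(damaged)
    print("disk 2 rebuilt correctly:", repaired[2] == disks[2])
    print("data intact after rebuild:", read_raid5(repaired, len(data)) == data)
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
    try:
        rebuild([None, None, disks[2], disks[3]])
    except ValueError as err:
        print("two failed disks:", err)
```

A second simultaneous disk failure is unrecoverable with single parity, which is the gap the RAID-6 slide's dual distributed parity addresses.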
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
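A worked version of the A+B+C risk measure from the slide above, added here as an example and not part of the original slides: it scores a constructed risk register, takes off the protection given by controls already in place, and lists the risks whose residual score is still above an acceptable level. The 1-5 scales, the band cut-offs, the `control_reduction` field and every sample entry are assumptions made for the illustration.

```python
from dataclasses import dataclass

SCALE = range(1, 6)  # assumed 1-5 scale for A, B and C

# Assumed cut-offs mapping a score (3..15) to the slide's five ranking labels.
BANDS = [(13, "Very High"), (11, "High"), (8, "Moderate"), (5, "Low"), (3, "Very Low")]


@dataclass(frozen=True)
class Risk:
    asset: str
    threat: str
    asset_cost: int             # A
    likelihood: int             # B: likelihood of threat occurrence
    vulnerability: int          # C
    control_reduction: int = 0  # assumed: points existing controls take off C

    def __post_init__(self):
        for name in ("asset_cost", "likelihood", "vulnerability"):
            if getattr(self, name) not in SCALE:
                raise ValueError(f"{self.asset}: {name} must be between 1 and 5")
        # A control can lower the vulnerability score but never below 1.
        if not 0 <= self.control_reduction <= self.vulnerability - 1:
            raise ValueError(f"{self.asset}: control_reduction out of range")

    def measure(self):
        """D = A + B + C, before controls are considered."""
        return self.asset_cost + self.likelihood + self.vulnerability

    def residual(self):
        """Score left after the protection provided by controls in place."""
        return self.measure() - self.control_reduction


def band(score):
    """Map a score to a ranking label (E) using the assumed cut-offs."""
    for floor, label in BANDS:
        if score >= floor:
            return label
    raise ValueError(f"score {score} is below the minimum of 3")


def rank(risks):
    """Highest residual first; ties go to the costlier asset, then by name."""
    return sorted(risks, key=lambda r: (-r.residual(), -r.asset_cost, r.asset))


def needs_more_controls(risks, acceptable):
    """Assets whose residual score exceeds the acceptable residual level."""
    return [r.asset for r in rank(risks) if r.residual() > acceptable]


# Constructed sample register (not taken from the slides).
REGISTER = [
    Risk("Database server", "Power outage", 5, 3, 4, control_reduction=2),
    Risk("E-mail server", "Hardware failure", 3, 3, 3),
    Risk("Printer", "Hardware failure", 1, 2, 2),
    Risk("Backup media", "Fire", 5, 2, 5, control_reduction=1),
    Risk("Authentication server", "Password same as userid", 4, 4, 5),
]

if __name__ == "__main__":
    for r in rank(REGISTER):
        print(f"{r.asset:22} D={r.measure():2} residual={r.residual():2} "
              f"{band(r.residual())}")
    print("Above acceptable level:", needs_more_controls(REGISTER, acceptable=9))
```
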
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business
functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
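The parity and RAID-5 slides above, worked through in Python as an added example that is not part of the original deck: a four-disk array with a 16 kiB stripe unit (as in the captions), XOR parity rotated across the disks, and the rebuild of one failed disk. The function names, the parity rotation order and the sample data are assumptions of this sketch.

```python
"""RAID-5 sketch: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe unit, as in the slide captions


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(stripe_no, n_disks):
    """Disk holding the parity unit of a stripe (rotation order is an assumption).

    A dedicated-parity layout (RAID-3/4) would always return n_disks - 1.
    """
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data over n_disks; returns one list of stripe units per disk."""
    per_stripe = n_disks - 1                      # data units per stripe
    padded = data + bytes(-len(data) % (per_stripe * unit))  # zero-pad last stripe
    chunks = [padded[i:i + unit] for i in range(0, len(padded), unit)]
    disks = [[] for _ in range(n_disks)]
    for s in range(len(chunks) // per_stripe):
        units = chunks[s * per_stripe:(s + 1) * per_stripe]
        p = parity_disk(s, n_disks)
        data_units = iter(units)
        for d in range(n_disks):
            disks[d].append(xor_blocks(units) if d == p else next(data_units))
    return disks


def rebuild(disks):
    """Recompute a single failed disk (marked None) from the surviving disks."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        # One parity unit per stripe can only solve for one unknown.
        raise ValueError("single parity cannot recover %d failed disks" % len(failed))
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    lost = [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]
    return [lost if d is None else d for d in disks]


def read_array(disks, length):
    """Reassemble the original data, skipping each stripe's parity unit."""
    n_disks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        p = parity_disk(s, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][s]
    return bytes(out[:length])


def demo():
    """Write a constructed 100 kiB file, lose disk 2, rebuild, and compare."""
    data = bytes(i % 251 for i in range(100 * 1024))  # constructed sample data
    disks = write_array(data)
    damaged = list(disks)
    damaged[2] = None                                  # simulated drive failure
    return read_array(rebuild(damaged), len(data)) == data


if __name__ == "__main__":
    print("recovered after single-disk failure:", demo())
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `usable_capacity` gives the RAID-6 figure from the slide formula; the rebuild shown here covers single parity only.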
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High | Moderate | Very High | Low | Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
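Added example (not part of the original slides): a small Python model of the RAID material above. It stripes data in blocks with distributed parity as described for RAID-5, rebuilds a failed disk from the parity information, and computes array capacity from the formulas the slides give for RAID-0, 1, 3, 4, 5 and 6. The function names, the 8-byte stripe size and the sample data are assumptions made for the illustration.

```python
"""Block striping with distributed parity (RAID-5 style) and capacity rules."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block sits on a different disk each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks=4, stripe=8):
    """Split data into stripe-sized blocks and lay them out with parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # fill the last row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[offset + i * stripe: offset + (i + 1) * stripe]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(row, n_disks)
            disks[disk].append(parity if is_parity else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all blocks in a row is zero, so XOR of the survivors yields the
    missing block whether it held data or parity. A second failure cannot
    be recovered this way.
    """
    if not 0 <= failed < len(disks):
        raise ValueError("no such disk")
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity using the rules stated on the RAID LEVELS slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n            # 100% when the drives are identical
    if level == 1 and n == 2:
        return smallest                # 50%: one drive mirrors the other
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)      # dual parity
    raise ValueError("unsupported level or too few drives")


if __name__ == "__main__":
    # Constructed sample data, not taken from the slides.
    sample = b"constructed sample: inventory ledger rows 0001-0042"
    array = raid5_write(sample, n_disks=4, stripe=8)
    lost = 2
    array[lost] = raid5_rebuild(array, lost)   # replace the failed disk
    print(raid5_read(array, len(sample)) == sample)
    print(usable_capacity(5, [500, 500, 500, 500]))
```
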
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions during
and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.   Change Comment   Date of Change   Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
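The parity technique and the RAID-5 layout described in these slides, worked through as an added Python example that is not part of the original presentation. The 4-byte stripe unit, the parity rotation order and all function names are assumptions chosen for illustration; the capacity function follows the "size of smallest drive*(no. of drives-1)" rule given on the slides.

```python
"""RAID-5 in miniature: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 4  # bytes per stripe unit; toy value (assumption), real arrays use e.g. 16 KiB


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe_no, n_disks):
    """Rotate the parity unit so that no single disk holds all the parity."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks; each stripe holds n_disks-1 data units and 1 parity unit."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    for stripe_no, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        units = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        parity_disk = parity_disk_for(stripe_no, n_disks)
        data_units = iter(units)
        for d in range(n_disks):
            disks[d].append(xor_blocks(units) if d == parity_disk else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk from the surviving disks.

    XOR of all surviving units in a stripe yields the missing unit, whether
    that unit held data or parity. A second failed disk (None) is unrecoverable.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID-5 tolerates only one failed disk")
    return [xor_blocks(units) for units in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping the parity unit of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        parity_disk = parity_disk_for(stripe_no, n_disks)
        for d in range(n_disks):
            if d != parity_disk:
                out += disks[d][stripe_no]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Array capacity: smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID-3/4/5, parity_drives=2 covers RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    payload = b"constructed sample: daily transaction journal"  # constructed data
    array = write_raid5(payload, n_disks=4)
    array[2] = None                          # simulate the loss of one drive
    array[2] = rebuild_disk(array, failed=2)  # rebuild it from the other three
    print(read_raid5(array, len(payload)) == payload)
    print(usable_capacity([500, 500, 250, 500]), "GB usable from 4 drives")
```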
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
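The parity and RAID-5 slides above, worked through as an added example that is not part of the original slides: block-level striping with distributed parity on a four-disk array with a 16 kiB stripe size, and the rebuild of a failed drive from the survivors. The function names, the parity rotation order and the sample file are assumptions made for illustration; XOR is used as the parity calculation.

```python
from functools import reduce

CHUNK = 16 * 1024  # 16 kiB stripe size, as in the slide's illustration


def xor_blocks(blocks):
    """XOR equal-length byte blocks together (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk that holds parity for a stripe; rotating it distributes the parity."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, chunk=CHUNK):
    """Lay data out as stripes of (n_disks - 1) data chunks plus one parity chunk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    disks = [[] for _ in range(n_disks)]
    per_stripe = (n_disks - 1) * chunk
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        # The last stripe is zero-padded so every chunk has the same length.
        block = data[off:off + per_stripe].ljust(per_stripe, b"\0")
        chunks = [block[i:i + chunk] for i in range(0, per_stripe, chunk)]
        parity = xor_blocks(chunks)
        p = parity_disk(stripe, n_disks)
        data_chunks = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_chunks))
    return disks


def rebuild(disks, failed):
    """Recompute every chunk of the failed disk by XOR-ing the surviving disks.

    Works for data and parity chunks alike, because the XOR of all chunks
    in a stripe (data plus parity) is zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity chunk of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(smallest_drive, n_disks):
    """Array capacity from the slide: size of smallest drive * (no. of drives - 1)."""
    return smallest_drive * (n_disks - 1)


if __name__ == "__main__":
    # Constructed sample: a 100 kiB file, like the green file in the illustration.
    data = bytes(i % 251 for i in range(100 * 1024))
    disks = raid5_write(data)
    print("chunks per disk:", [len(d) for d in disks])

    failed = 1
    original = disks[failed]
    disks[failed] = None                     # simulate losing one drive
    disks[failed] = rebuild(disks, failed)   # recompute it from the other three
    print("rebuilt disk matches:", disks[failed] == original)
    print("file intact after rebuild:", raid5_read(disks, len(data)) == data)
    print("usable capacity, 4 x 500 GB:", usable_capacity(500, 4), "GB")
```

A second simultaneous drive failure cannot be rebuilt this way, which is why the RAID-6 slide adds a second parity block per stripe.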
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as cost is high
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 175
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of malicious cyber
incidents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
The idea of a DRP is to think ahead of actual
events:
How likely is the event
What can be done when it happens
What can be done to lessen the
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to the individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are
evenly spread between three drives, with the fourth
containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
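The parity and RAID-5 slides above, worked as an added example (not part of the original deck): a small in-memory Python model of a four-disk RAID 5 array with the 16 KiB stripe size used in the illustrations, showing that XOR parity lets the array read through and rebuild one lost drive but not two. The class and function names, the parity rotation order and the sample data are assumptions made for the illustration.

```python
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slides' illustrations


def xor_blocks(blocks):
    """Bytewise XOR of equal-length blocks: the RAID parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


class Raid5:
    """Toy in-memory model: block-level striping with distributed parity."""

    def __init__(self, n_disks=4, unit=STRIPE_UNIT):
        if n_disks < 3:
            raise ValueError("RAID 5 needs a minimum of 3 hard disks")
        self.n, self.unit = n_disks, unit
        self.disks = [[] for _ in range(n_disks)]  # one block per stripe row
        self.length = 0

    def parity_disk(self, row):
        # Assumed rotation: parity starts on the last disk and moves left each row.
        return (self.n - 1 - row) % self.n

    def write(self, data):
        """Replace the array contents with data, striped across the disks."""
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_row = self.unit * (self.n - 1)  # data bytes held by one stripe row
        for row, off in enumerate(range(0, len(data), per_row)):
            chunk = data[off:off + per_row].ljust(per_row, b"\0")
            blocks = [chunk[i:i + self.unit] for i in range(0, per_row, self.unit)]
            parity, data_blocks = xor_blocks(blocks), iter(blocks)
            p = self.parity_disk(row)
            for d in range(self.n):
                self.disks[d].append(parity if d == p else next(data_blocks))

    def fail(self, disk):
        self.disks[disk] = None  # simulate complete loss of one drive

    def _rows(self):
        return max((len(d) for d in self.disks if d is not None), default=0)

    def _block(self, row, disk):
        """Return one block, recomputing it from the survivors if its drive is lost."""
        if self.disks[disk] is not None:
            return self.disks[disk][row]
        survivors = [d[row] for d in self.disks if d is not None]
        if len(survivors) != self.n - 1:
            raise RuntimeError("more than one drive lost: RAID 5 cannot reconstruct")
        return xor_blocks(survivors)

    def read(self):
        """Read all data back, transparently covering a single failed drive."""
        out = bytearray()
        for row in range(self._rows()):
            for d in range(self.n):
                if d != self.parity_disk(row):
                    out += self._block(row, d)
        return bytes(out[:self.length])

    def rebuild(self, disk):
        """Recreate a replaced drive from data and parity on the other drives."""
        self.disks[disk] = [self._block(row, disk) for row in range(self._rows())]


def demo():
    data = bytes(range(256)) * 400  # constructed sample: a 100 KiB "file"
    array = Raid5()
    array.write(data)
    array.fail(2)
    degraded = array.read() == data       # one drive down, data still readable
    array.rebuild(2)
    array.fail(0)
    after_rebuild = array.read() == data  # rebuilt drive carries correct blocks
    array.fail(1)                         # second concurrent failure
    try:
        array.read()
        double_failure_detected = False
    except RuntimeError:
        double_failure_detected = True
    return degraded, after_rebuild, double_failure_detected


if __name__ == "__main__":
    print(demo())
```

Passing `parity_drives=2` to `array_capacity` gives the RAID-6 figure from the later slide.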
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 176
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset?
What is the loss to business if the asset is
not there?
Can I continue operations otherwise?
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular
because of high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
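The parity and array-capacity rules from the RAID-3 to RAID-6 slides, as an added example that is not part of the original slides: a small in-memory model of block-level striping with distributed parity that rebuilds a failed disk from the survivors. The function names, the 16-byte block (standing in for the 16 kiB stripe size) and the sample data are assumptions made for illustration.

```python
"""Model of RAID-5: block-level striping with distributed (rotating) parity."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 is the RAID-3/4/5 rule, parity_drives=2 the RAID-6 rule.
    """
    if len(drive_sizes) < parity_drives + 2:
        raise ValueError("too few drives for this RAID level")
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe_no, n_disks):
    """Disk that holds the parity block of a stripe; it rotates per stripe."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; every stripe gets one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # fill last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no in range(len(padded) // per_stripe):
        stripe = padded[stripe_no * per_stripe:(stripe_no + 1) * per_stripe]
        chunks = [stripe[i:i + block_size]
                  for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for disk_no in range(n_disks):
            if disk_no == parity_disk_for(stripe_no, n_disks):
                disks[disk_no].append(parity)
            else:
                disks[disk_no].append(next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recreate the failed disk: each lost block is the XOR of the blocks
    that the surviving disks hold in the same stripe."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover two failed disks")
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_raid5(disks, n_bytes):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        for disk_no in range(n_disks):
            if disk_no != parity_disk_for(stripe_no, n_disks):
                out += disks[disk_no][stripe_no]
    return bytes(out[:n_bytes])


if __name__ == "__main__":
    # Constructed sample input: 200 bytes on a four-disk array.
    payload = bytes(range(200))
    array = write_raid5(payload, n_disks=4, block_size=16)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")

    array[2] = None                      # simulate loss of disk 2
    array[2] = rebuild_disk(array, 2)    # rebuild onto a replacement
    print("data intact after rebuild:", read_raid5(array, len(payload)) == payload)

    array[0] = array[1] = None           # two disks lost at once
    try:
        rebuild_disk(array, 0)
    except ValueError as err:
        print("double failure:", err)
```

The rebuild reads every surviving disk in full, which is why the array stays exposed to a second failure until the rebuild completes.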
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tel. nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 177
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
records, not paper records
Access not available at all times
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent tasks
Identify critical functions in advance
Eliminate or postpone non-urgent
portions of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
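The PARITY and RAID-5 slides above, carried through as an added worked example that is not part of the original deck: parity is computed as a byte-wise XOR, data is striped across the disks with rotating parity, and a failed disk is rebuilt from the survivors. The names `Raid5`, `xor_blocks` and `usable_capacity` are hypothetical, and the parity rotation order and the RAID-0 figure for unequal drives are assumptions; the capacity formulas are the ones quoted on the slides.

```python
"""RAID parity demo on in-memory 'disks'. All data below is constructed."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: smallest drive * number of data drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}[level]
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    # Assumption: RAID-0 with unequal drives uses smallest * n.
    data_drives = {0: n, 1: 1, 3: n - 1, 4: n - 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_drives


class Raid5:
    """Block-level striping with distributed (rotating) parity."""

    def __init__(self, n_disks, block_size):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.bs = n_disks, block_size
        self.disks, self.stripes, self.length = [], 0, 0

    def parity_disk(self, stripe):
        """Disk holding the parity block of a stripe (assumed rotation)."""
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        per_stripe = self.bs * (self.n - 1)
        padded = data + b"\0" * (-len(data) % per_stripe)
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        self.stripes = len(padded) // per_stripe
        for s in range(self.stripes):
            chunk = padded[s * per_stripe:(s + 1) * per_stripe]
            blocks = [chunk[i:i + self.bs] for i in range(0, per_stripe, self.bs)]
            parity, data_blocks = xor_blocks(blocks), iter(blocks)
            for d in range(self.n):
                is_parity = d == self.parity_disk(s)
                self.disks[d].append(parity if is_parity else next(data_blocks))

    def read(self, failed=None):
        """Return the data; a single failed disk is rebuilt from the others."""
        out = bytearray()
        for s in range(self.stripes):
            row = [None if d == failed else self.disks[d][s] for d in range(self.n)]
            if failed is not None:
                # XOR of all surviving blocks (data + parity) = the lost block.
                row[failed] = xor_blocks([b for b in row if b is not None])
            p = self.parity_disk(s)
            out += b"".join(b for d, b in enumerate(row) if d != p)
        return bytes(out[:self.length])


if __name__ == "__main__":
    payload = b"".join(b"txn %03d;" % i for i in range(40))  # constructed data
    array = Raid5(n_disks=4, block_size=16)
    array.write(payload)
    print("parity disk per stripe:", [array.parity_disk(s) for s in range(4)])
    array.disks[2] = None                      # simulate losing disk 2
    print("recovered intact:", array.read(failed=2) == payload)
    for level in (0, 1, 5, 6):
        drives = [500, 500] if level == 1 else [500] * 4
        print(f"RAID-{level}: {usable_capacity(level, drives)} GB usable")
```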
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
the cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as the cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 178
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Likelihood Vulnerability Measure
Cost of Threat
C
of Risk
A Occurrence
D
B
A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk
Ranking
E
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site      Low           None                 None                Long         Fixed
Warm Site      Medium        Partial              Partial/Full        Medium       Fixed
Hot Site       Medium/High   Full                 Full                Short        Fixed
Mobile Site    High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site  High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
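The parity and RAID-5 slides above, worked through as a small simulation. This is an added example, not part of the original slides: it stripes data across disks with rotating XOR parity, rebuilds a lost disk from the survivors, and applies the array capacity formulas from the RAID-5 and RAID-6 slides. The function names, the zero padding and the parity rotation order are assumptions chosen for illustration; real controllers use various layouts.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity calculation)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_disk(stripe_no, n_disks):
    """Disk holding parity for a stripe; rotates so no single disk holds it all.
    Rotation order is an assumption of this example."""
    return (n_disks - 1 - stripe_no) % n_disks


def raid5_write(data, n_disks, block_size):
    """Block-level striping with distributed parity.
    Returns one list of blocks per disk."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % per_stripe)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe_no, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block_size: off + (i + 1) * block_size]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_iter = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk(stripe_no, n_disks)
            disks[d].append(parity if is_parity else next(data_iter))
    return disks


def raid5_read(disks, n_bytes):
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe_no, n_disks):
                out += disks[d][stripe_no]
    return bytes(out[:n_bytes])


def raid5_rebuild(disks):
    """Rebuild the one failed disk (marked None) by XOR-ing the survivors.
    Works whether the missing block in a stripe was data or parity."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed disk")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return disks[:failed[0]] + [rebuilt] + disks[failed[0] + 1:]


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives).
    parity_drives=1 for RAID-3/4/5, 2 for RAID-6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    sample = bytes(range(200))            # constructed sample data
    array = raid5_write(sample, n_disks=4, block_size=16)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    restored = raid5_rebuild(degraded)
    print("data intact after rebuild:", raid5_read(restored, len(sample)) == sample)
    print("usable capacity (GB):", usable_capacity([500, 500, 400, 500]))
```

Losing a second disk before the rebuild finishes leaves a single-parity array unrecoverable, which is why the slides list dual distributed parity (RAID-6) separately.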
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 179
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Diagram labels: Threats, Controls, Vulnerabilities, Risks, Security Arrangements, Assets, Asset Value, Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D): A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
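The allowable outage times from the business impact analysis and the site criteria above can be combined: the shortest allowable outage among the resources a business function depends on bounds how long the alternate site may take to set up. The sketch below is an added example, not part of the original slides; the dependency map and the hour values standing in for Long/Medium/Short setup times are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Allowable outage times in hours, from the "Outage Impact & Allowable
# Outage Times" table (8 hours, 2 days, 4 days).
ALLOWABLE_OUTAGE_HOURS = {
    "Authentication Server": 8,
    "Database Server": 8,
    "E-mail Server": 48,
    "5 Desktop Computers": 8,
    "Hub": 8,
    "Network Cabling": 8,
    "Electric Power": 8,
    "Printer": 96,
}

# ASSUMPTION (constructed): which resources each business function needs.
DEPENDENCIES = {
    "Inventory System": ["Authentication Server", "Database Server",
                         "5 Desktop Computers", "Hub", "Network Cabling",
                         "Electric Power"],
    "E-mail": ["E-mail Server"],
    "Inventory Reports": ["Printer"],
}


@dataclass(frozen=True)
class Site:
    name: str
    cost_rank: int                # Cost column: Low=1, Medium=2, Medium/High=3, High=4
    setup_hours: Optional[float]  # ASSUMPTION: hours standing in for Setup Time


SITES = [
    Site("Cold Site", 1, 21 * 24),  # "Long": activation takes several weeks
    Site("Warm Site", 2, 24),       # "Medium"
    Site("Hot Site", 3, 4),         # "Short"
    Site("Mobile Site", 4, None),   # "Dependent": unknown until a vendor commits
    Site("Mirrored Site", 4, 0),    # "None"
]


def binding_resource(function):
    """Return (resource, hours) for the dependency with the shortest allowable outage."""
    deps = DEPENDENCIES[function]
    unknown = [r for r in deps if r not in ALLOWABLE_OUTAGE_HOURS]
    if unknown:
        raise ValueError(f"no allowable outage time recorded for {unknown}")
    resource = min(deps, key=ALLOWABLE_OUTAGE_HOURS.__getitem__)
    return resource, ALLOWABLE_OUTAGE_HOURS[resource]


def select_site(max_outage_hours, mobile_setup_hours=None):
    """Cheapest site type whose setup time fits inside the allowable outage.

    A mobile site is considered only when the caller supplies a setup figure.
    Returns None when no site type can meet the requirement.
    """
    candidates = []
    for site in SITES:
        setup = mobile_setup_hours if site.name == "Mobile Site" else site.setup_hours
        if setup is not None and setup <= max_outage_hours:
            candidates.append((site.cost_rank, setup, site.name))
    return min(candidates)[2] if candidates else None


def recovery_plan():
    """Map each business function to its binding resource and site type."""
    plan = {}
    for function in DEPENDENCIES:
        resource, hours = binding_resource(function)
        plan[function] = {
            "binding_resource": resource,
            "allowable_outage_hours": hours,
            "site": select_site(hours),
        }
    return plan


if __name__ == "__main__":
    for function, row in recovery_plan().items():
        print(function, row)
```

Changing the assumed hour values changes the outcome, which is the point of the exercise: the site decision is only as good as the outage times agreed in the BIA.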
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
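How the three techniques differ shows up at restore time. The following added example (not from the original slides) assumes the usual definitions, which the slide does not spell out: an incremental holds changes since the previous full or incremental backup, and a differential holds all changes since the last full backup. The schedules and the unreadable-media cases are constructed.

```python
KINDS = {"full", "incremental", "differential"}

# Constructed one-week schedules: full backup on day 0, then one backup a day.
INCREMENTAL_WEEK = [(0, "full")] + [(d, "incremental") for d in range(1, 7)]
DIFFERENTIAL_WEEK = [(0, "full")] + [(d, "differential") for d in range(1, 7)]


def restore_chain(backups, target_day, unreadable=frozenset()):
    """Work out which backup sets must be restored, in order, to get as
    close as possible to target_day.

    backups    -- list of (day, kind) tuples, kind being one of KINDS
    unreadable -- days whose media is lost or fails to read
    Returns (days_to_restore, recovered_day); ([], None) if no full is usable.
    """
    for _, kind in backups:
        if kind not in KINDS:
            raise ValueError(f"unknown backup kind: {kind}")
    usable = sorted(b for b in backups if b[0] <= target_day)
    fulls = [day for day, kind in usable if kind == "full"]

    # Start from the most recent readable full backup.
    for full_day in reversed(fulls):
        if full_day in unreadable:
            continue
        later_fulls = [d for d in fulls if d > full_day]
        cycle_end = min(later_fulls) if later_fulls else target_day + 1
        cycle = [(d, k) for d, k in usable if full_day < d < cycle_end]
        kinds = {k for _, k in cycle}
        if len(kinds) > 1:
            raise ValueError("mixed incremental/differential cycle is not modelled")

        chain = [full_day]
        if kinds == {"differential"}:
            # Only the newest readable differential is needed on top of the full.
            readable = [d for d, _ in cycle if d not in unreadable]
            if readable:
                chain.append(readable[-1])
        elif kinds == {"incremental"}:
            # Every incremental is needed; the first unreadable one ends the chain.
            for day, _ in cycle:
                if day in unreadable:
                    break
                chain.append(day)
        return chain, chain[-1]
    return [], None


if __name__ == "__main__":
    print(restore_chain(INCREMENTAL_WEEK, 4))                   # five sets
    print(restore_chain(DIFFERENTIAL_WEEK, 4))                  # two sets
    print(restore_chain(INCREMENTAL_WEEK, 4, unreadable={2}))   # stops at day 1
    print(restore_chain(DIFFERENTIAL_WEEK, 4, unreadable={2}))  # unaffected
```

The number of sets in the chain bears on how long retrieval and restore take, and the unreadable-media cases show why an incremental scheme depends on every tape in the cycle.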
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
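The RAID-5 technique described above (block-level striping with distributed parity), as an added sketch that is not part of the original slides: parity is the XOR of the data blocks in each stripe row, so any one lost drive can be recomputed from the survivors. The function names, the parity rotation order and the sample data are assumptions; the four-disk, 16 KiB layout and the capacity formula follow the slides.

```python
"""Toy RAID 5 array: block-level striping with distributed XOR parity.
Constructed example; names and parity rotation order are assumptions."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide's illustration


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(row, n_drives):
    """Index of the drive holding parity for a stripe row (rotates per row)."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives=4, unit=STRIPE_UNIT):
    """Stripe data across n_drives; return one list of blocks per drive."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs a minimum of 3 drives")
    row_bytes = (n_drives - 1) * unit
    padded = data + b"\x00" * (-len(data) % row_bytes)  # fill the last row
    drives = [[] for _ in range(n_drives)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        units = [padded[start + i * unit:start + (i + 1) * unit]
                 for i in range(n_drives - 1)]
        data_units = iter(units)
        p = parity_drive(row, n_drives)
        for d in range(n_drives):
            drives[d].append(xor_blocks(units) if d == p else next(data_units))
    return drives


def raid5_rebuild(drives):
    """Recreate the one failed drive (marked None) from the surviving drives."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot rebuild %d failed drives" % len(failed))
    if not failed:
        return list(drives)
    survivors = [d for d in drives if d is not None]
    # Data XOR parity of a row is zero, so the missing block is the XOR of the rest.
    rebuilt = [xor_blocks(row_blocks) for row_blocks in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def raid5_read(drives, length):
    """Reassemble the original bytes, skipping the parity block of each row."""
    n = len(drives)
    out = bytearray()
    for row in range(len(drives[0])):
        p = parity_drive(row, n)
        for d in range(n):
            if d != p:
                out += drives[d][row]
    return bytes(out[:length])


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def demo():
    """Lose each drive in turn and check that the file survives the rebuild."""
    data = bytes(i % 251 for i in range(100 * 1024))  # constructed 100 KiB file
    drives = raid5_write(data)
    results = {}
    for lost in range(len(drives)):
        damaged = [None if i == lost else d for i, d in enumerate(drives)]
        results[lost] = raid5_read(raid5_rebuild(damaged), len(data)) == data
    return results


if __name__ == "__main__":
    print(demo())
    print(array_capacity([500, 500, 500, 500]))
```

Calling `array_capacity` with `parity_drives=2` gives the RAID-6 figure from the later slide; a second simultaneous drive failure makes `raid5_rebuild` raise, which is the limit of single parity.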
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
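The parity and RAID-5 slides above, as an added worked example (not part of the original slides): a toy in-memory model of block-level striping with distributed parity that rebuilds a failed disk from the survivors and applies the slides' array-capacity formula. XOR is used as the parity calculation (the usual choice for RAID-5; the slides do not name it); the function names, the parity rotation order and the sample payload are constructed for illustration.

```python
"""Toy RAID-5 model: block striping with distributed XOR parity (constructed example)."""
from functools import reduce


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length byte blocks column by column."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slides' formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Which disk holds the parity block of a stripe (rotation order is an assumption)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks; returns disks[d][s] = block held by disk d for stripe s."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = (n_disks - 1) * block_size
    data = data + b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunk = data[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        # Parity is computed from the data blocks, then slotted into its rotating position.
        blocks.insert(parity_disk_for(stripe, n_disks), xor_blocks(blocks))
        for d in range(n_disks):
            disks[d].append(blocks[d])
    return disks


def rebuild_disk(disks, failed):
    """Recompute a failed disk as the XOR of the surviving disks (None = lost disk)."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original data, skipping each stripe's parity block."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk_for(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Single-disk loss is recoverable; a second simultaneous loss is not."""
    payload = b"INVENTORY-DB constructed sample record 0001;" * 3  # constructed sample data
    healthy = write_raid5(payload, n_disks=4, block_size=16)

    # Disk 2 fails: rebuild it onto a replacement from the three survivors.
    degraded = [d if i != 2 else None for i, d in enumerate(healthy)]
    degraded[2] = rebuild_disk(degraded, failed=2)
    single_ok = read_raid5(degraded, len(payload)) == payload

    # Disks 1 and 2 fail together: parity alone cannot separate the two lost blocks.
    double = [healthy[0], None, None, healthy[3]]
    double_ok = rebuild_disk(double, failed=1) == healthy[1]

    return {
        "single_failure_recovered": single_ok,
        "double_failure_recovered": double_ok,
        "raid5_capacity_gb": array_capacity([500, 500, 400, 500]),
        "raid6_capacity_gb": array_capacity([500, 500, 400, 500], parity_drives=2),
    }


if __name__ == "__main__":
    print(demo())
```

The double-failure case is why the slides list RAID-6 (dual distributed parity) separately, and why RAID of any level is not a substitute for the off-site backups discussed earlier in the deck.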
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring
high fault tolerance, e.g. accounting
and other financial data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files that require high transfer performance
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB. Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
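The parity technique and the "size of smallest drive*(no. of drives-1)" capacity rule from the slides above, worked through as an added Python example (not part of the original slides). It stripes a constructed byte string over four simulated disks with rotating parity as in RAID 5, rebuilds any single failed disk by XOR, refuses a two-disk failure, and scrubs for parity mismatches; the 4-byte block size, the function names and the sample data are assumptions made for illustration.

```python
"""RAID 5 in miniature: block striping with rotating XOR parity (illustrative)."""
from functools import reduce

BLOCK = 4  # assumed block size in bytes, kept tiny so stripes are easy to inspect
SAMPLE = b"ledger:2024-Q1;balance=1045.50;status=posted"  # constructed sample data


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Parity moves one disk to the left on every stripe (distributed parity)."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block=BLOCK):
    """Return one list of blocks per disk: data striped, one parity block per stripe."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\x00" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // per_stripe):
        chunk = padded[stripe * per_stripe:(stripe + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_blocks))
    return disks


def read_raid5(disks, length, failed=()):
    """Read the data back; blocks of a disk listed in `failed` are never touched
    and are recomputed from the surviving disks instead."""
    if len(failed) > 1:
        raise OSError("single parity cannot rebuild more than one failed disk")
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        row = [None if d in failed else disks[d][stripe] for d in range(n)]
        if failed:
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        p = parity_disk_for(stripe, n)
        out += b"".join(b for d, b in enumerate(row) if d != p)
    return bytes(out[:length])


def rebuild_disk(disks, lost):
    """Recompute every block of a replaced disk from the remaining disks."""
    return [xor_blocks([d[s] for i, d in enumerate(disks) if i != lost])
            for s in range(len(disks[0]))]


def scrub(disks):
    """Return the stripes whose blocks no longer XOR to zero (parity mismatch)."""
    return [s for s in range(len(disks[0]))
            if any(xor_blocks([d[s] for d in disks]))]


if __name__ == "__main__":
    array = write_raid5(SAMPLE, 4)
    for number, disk in enumerate(array):
        print("disk", number, [blk.hex() for blk in disk])
    print("read with disk 1 failed:", read_raid5(array, len(SAMPLE), failed=(1,)))
    print("usable capacity of 4 x 500 GB, RAID 5:", usable_capacity([500] * 4))
    print("usable capacity of 4 x 500 GB, RAID 6:", usable_capacity([500] * 4, 2))
```

A scrub only reports that a stripe is inconsistent; with single parity it cannot tell which block is the bad one, which is one reason RAID is not a substitute for the backup strategies covered later in the deck.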
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 182
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to detect, respond to and limit consequences of malicious cyber incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
Low cost
Configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
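The RAID-5 slide above combines block-level striping with distributed parity. The following is an added example, not part of the original slides: it stripes a constructed 100 KiB payload over four simulated disks in 16 KiB units, rotates the XOR parity block from row to row, and rebuilds a failed disk from the survivors. The function names, the parity rotation order and the sample payload are assumptions made for illustration.

```python
"""Added illustration: block-level striping with distributed XOR parity."""
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB, the stripe size used in the slide illustrations

# Constructed sample payload, sized like the 100 KiB file in the illustrations.
SAMPLE = bytes(i % 251 for i in range(100 * 1024))


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk(row, n_disks):
    """Disk holding parity for a given stripe row (assumed rotation order)."""
    return (n_disks - 1 - row) % n_disks


def write_array(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data over n_disks, one parity block per row. Returns disk contents."""
    if n_disks < 3:
        raise ValueError("striping with parity needs a minimum of 3 disks")
    per_row = n_disks - 1
    chunks = [data[i:i + unit].ljust(unit, b"\0") for i in range(0, len(data), unit)]
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(chunks), per_row)):
        row_chunks = chunks[start:start + per_row]
        row_chunks += [bytes(unit)] * (per_row - len(row_chunks))  # pad last row
        p = parity_disk(row, n_disks)
        data_iter = iter(row_chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(row_chunks) if d == p else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(row) for row in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the payload; a single failed disk (None) is rebuilt on the fly."""
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot recover from two failed disks")
    if missing:
        disks = list(disks)
        disks[missing[0]] = rebuild_disk(disks, missing[0])
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n_disks)
        for d in range(n_disks):
            if d != p:  # skip the parity block of this row
                out += disks[d][row]
    return bytes(out[:length])


def demo():
    """Write the sample, lose disk 2, and confirm the data is still readable."""
    disks = write_array(SAMPLE, 4)
    damaged = list(disks)
    damaged[2] = None  # simulated drive failure
    return read_array(damaged, len(SAMPLE)) == SAMPLE


if __name__ == "__main__":
    print("readable after one disk failure:", demo())
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

Passing `parity_drives=2` to `array_capacity` gives the RAID-6 formula from the slides, and `parity_drives=0` gives the RAID-0 case, where nothing can be rebuilt.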
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management
preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 183
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D): A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incidents
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
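The parity and RAID levels slides above, worked through as an added example (not part of the original slides): a small in-memory model of RAID-5 block-level striping with distributed parity on four drives that rebuilds a failed drive by XOR, plus the slides' array-capacity formulas. The 16-byte block standing in for the 16 KiB stripe size, the parity rotation order, the function names and the sample payload are assumptions of this example.

```python
from functools import reduce

STRIPE_UNIT = 16  # bytes per block in this model; stands in for the slides' 16 KiB stripe size


def xor_blocks(blocks):
    """Parity calculation: XOR equal-length blocks together, byte by byte."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Drive that holds parity for a stripe row; it rotates so parity is distributed."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks=4, unit=STRIPE_UNIT):
    """Stripe data in blocks across n_disks, adding one parity block per stripe row."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 drives")
    per_row = (n_disks - 1) * unit
    data = data + bytes(-len(data) % per_row)  # zero-pad the final row
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(data), per_row)):
        chunks = [data[offset + i * unit: offset + (i + 1) * unit]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        data_blocks = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_blocks))
    return disks


def raid5_read(disks, length):
    """Reassemble the original bytes by skipping each row's parity block."""
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk_for(row, len(disks)):
                out += disks[d][row]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute a failed drive: each lost block is the XOR of that row on the survivors."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    if any(blocks is None for blocks in survivors):
        raise ValueError("single parity cannot recover from two failed drives")
    return [xor_blocks(row) for row in zip(*survivors)]


def usable_capacity(level, drive_sizes):
    """Array capacity from the slide formulas, in the same unit as drive_sizes."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0:
        return smallest * n            # striping only, no redundancy
    if level == 1:
        return smallest                # mirrored pair: 50% efficiency
    if level in (3, 4, 5):
        return smallest * (n - 1)      # one drive's worth of parity
    if level == 6:
        return smallest * (n - 2)      # dual parity
    raise ValueError("level not covered by this example")


def demo():
    # Constructed sample payload (not from the slides).
    payload = b"".join(b"txn-%04d;" % i for i in range(40))
    disks = raid5_write(payload)
    lost = disks[1]
    disks[1] = None                    # simulate failure of drive 1
    rebuilt = rebuild_disk(disks, failed=1)
    disks[1] = rebuilt
    return rebuilt == lost, raid5_read(disks, len(payload)) == payload


if __name__ == "__main__":
    print(demo())
```

The rebuild works for any single drive because every stripe row XORs to zero across all drives; a second simultaneous failure leaves two unknowns per row, which is the gap the dual parity of RAID-6 closes.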
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 184
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
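The outage table and the recovery priority list above can be cross-checked against each other, as in this added example (not part of the original slides). The data is transcribed from the two tables; the function names, the conversion of days to hours, and treating "1 Hub" as the outage table's "Hub" are assumptions.

```python
# Added example: cross-check BIA allowable outage times against the
# recovery priorities assigned in the plan. Function names are hypothetical.

# Allowable outage time per resource, in hours (2 days = 48, 4 days = 96),
# transcribed from the "Outage Impact & Allowable Outage Times" slide.
ALLOWABLE_OUTAGE_HOURS = {
    "Authentication Server": 8,
    "Database Server": 8,
    "E-mail Server": 48,
    "5 Desktop Computers": 8,
    "Hub": 8,
    "Network Cabling": 8,
    "Electric Power": 8,
    "Printer": 96,
}

# Transcribed from the "Develop Recovery Priorities" slide.
# Assumption: the slide's "1 Hub" is the "Hub" of the outage table.
RECOVERY_PRIORITY = {
    "Authentication Server": "High",
    "Database Server": "High",
    "5 Desktop Computers": "High",
    "Hub": "High",
    "E-mail Server": "Medium",
    "Printer": "Medium",
    "Remaining Desktop Computers (45)": "Low",
    "Remaining Hub (5)": "Low",
}

RANK = {"High": 0, "Medium": 1, "Low": 2}


def audit_priorities(outage_hours, priority):
    """Return a sorted list of (finding, resource, detail) tuples."""
    findings = []
    # Resources analysed in the BIA but never given a recovery priority.
    for res in outage_hours:
        if res not in priority:
            findings.append(
                ("no_recovery_priority", res,
                 f"{outage_hours[res]}h allowable outage"))
    # Resources given a priority without any outage analysis behind it.
    for res in priority:
        if res not in outage_hours:
            findings.append(
                ("no_outage_analysis", res, f"priority {priority[res]}"))
    # A resource that tolerates less downtime must not rank below one
    # that tolerates more.
    common = [r for r in outage_hours if r in priority]
    for a in common:
        for b in common:
            if (outage_hours[a] < outage_hours[b]
                    and RANK[priority[a]] > RANK[priority[b]]):
                findings.append(("priority_inversion", a, f"ranked below {b}"))
    return sorted(findings)


def recovery_order(outage_hours, priority):
    """Restore sequence: priority first, then shortest allowable outage, then name."""
    return sorted(
        priority,
        key=lambda r: (RANK[priority[r]], outage_hours.get(r, float("inf")), r),
    )


if __name__ == "__main__":
    for finding in audit_priorities(ALLOWABLE_OUTAGE_HOURS, RECOVERY_PRIORITY):
        print(*finding, sep=" | ")
    print(" -> ".join(recovery_order(ALLOWABLE_OUTAGE_HOURS, RECOVERY_PRIORITY)))
```

On the slide data the check reports no inversions, but it flags Network Cabling and Electric Power as having an 8-hour allowable outage with no recovery priority assigned.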
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives, with the fourth containing parity information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 4 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between three drives, with the fourth containing parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
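The parity and array-capacity rules from the RAID slides above, worked through as an added Python example that is not part of the original deck: it stripes a record RAID-5 style, rebuilds a failed drive by XOR, and computes usable capacity with the slides' formulas. The rotating parity placement, the 8-byte block size, the function names and the sample record are assumptions made for illustration.

```python
from functools import reduce

# Minimum drive counts as listed on the RAID level slides.
MIN_DRIVES = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}

# Constructed sample data, not taken from any real system.
SAMPLE = b"constructed ledger entry 0001|constructed ledger entry 0002|"


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: every member counts as the smallest drive."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level not in MIN_DRIVES or n < MIN_DRIVES[level] or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n          # striping only, 100% efficiency
    if level == 1:
        return smallest              # mirror pair, 50% efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5: one drive's worth of parity


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(row, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, block):
    """Block-level striping with distributed parity; returns one block list per disk."""
    disks = [[] for _ in range(n_disks)]
    row_bytes = block * (n_disks - 1)
    padded = data + b"\0" * (-len(data) % row_bytes)
    for row, off in enumerate(range(0, len(padded), row_bytes)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_disks - 1)]
        chunks.insert(parity_disk(row, n_disks), xor_blocks(chunks))
        for disk, chunk in zip(disks, chunks):
            disk.append(chunk)
    return disks


def raid5_rebuild(disks):
    """Rebuild the single failed drive (marked None) from the survivors."""
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(row) for row in zip(*survivors)]
    return disks[:failed[0]] + [rebuilt] + disks[failed[0] + 1:]


def raid5_read(disks, length):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    n, out = len(disks), bytearray()
    for row in range(len(disks[0])):
        p = parity_disk(row, n)
        for i in range(n):
            if i != p:
                out += disks[i][row]
    return bytes(out[:length])


if __name__ == "__main__":
    array = raid5_write(SAMPLE, 4, 8)
    degraded = array[:1] + [None] + array[2:]      # drive 1 has failed
    restored = raid5_rebuild(degraded)
    print("data intact after rebuild:", raid5_read(restored, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity:", usable_capacity(5, [500, 500, 400, 500]))
    print("RAID-6 capacity:", usable_capacity(6, [500, 500, 400, 500]))
```

A second failed drive makes `raid5_rebuild` raise, which is the case the dual parity of RAID-6 is listed for.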
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
Number of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost         Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low          None                None               Long        Fixed
Warm Site      Medium       Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High  Full                Full               Short       Fixed
Mobile Site    High         Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High         Full                Full               None        Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
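The parity technique and the array-capacity figures from the RAID slides above, worked through as an added Python example (not part of the original deck). The function names, the rotating parity placement and the sample data are assumptions made for illustration; the capacity rules and minimum drive counts are the ones stated on the slides.

```python
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_drive_for(row, n_drives):
    """Assumed layout: parity moves one drive to the left on each stripe row."""
    return (n_drives - 1 - row) % n_drives


def raid5_write(data, n_drives, stripe):
    """Block-level striping with distributed parity (RAID-5 slide).

    Returns one list of stripe-sized blocks per drive.
    """
    if n_drives < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_drives - 1) * stripe
    data = data + b"\0" * (-len(data) % row_bytes)  # pad the last stripe row
    drives = [[] for _ in range(n_drives)]
    for row, off in enumerate(range(0, len(data), row_bytes)):
        chunks = [data[off + i * stripe: off + (i + 1) * stripe]
                  for i in range(n_drives - 1)]
        parity, p_drive = xor_blocks(chunks), parity_drive_for(row, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(parity if d == p_drive else next(remaining))
    return drives


def raid5_read(drives, length):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    out = bytearray()
    for row in range(len(drives[0])):
        p_drive = parity_drive_for(row, len(drives))
        for d, drive in enumerate(drives):
            if d != p_drive:
                out += drive[row]
    return bytes(out[:length])


def rebuild_drive(drives, failed):
    """Recompute a single failed drive: XOR of the surviving blocks in each row."""
    survivors = [drive for i, drive in enumerate(drives) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def scrub(drives):
    """Return the stripe rows whose blocks no longer XOR to zero.

    Parity gives fault tolerance, not integrity: a silently corrupted block
    on a surviving drive would be carried into any later rebuild.
    """
    return [r for r, row in enumerate(zip(*drives)) if any(xor_blocks(row))]


def usable_capacity(level, drive_sizes):
    """Array capacity per the slides: size of smallest drive * usable drive count."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}
    if level not in minimum:
        raise ValueError("level not covered by this example")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of hard disks for RAID-%d" % level)
    if level == 0:
        return smallest * n          # striping without parity, no redundancy
    if level == 1:
        return smallest              # mirroring, 50% storage efficiency
    if level == 6:
        return smallest * (n - 2)    # dual distributed parity
    return smallest * (n - 1)        # RAID-3/4/5, one drive's worth of parity


if __name__ == "__main__":
    sample = bytes(range(256)) * 3                 # constructed sample data
    array = raid5_write(sample, n_drives=4, stripe=16)
    print("rebuild of drive 2 matches:", rebuild_drive(array, 2) == array[2])
    print("RAID-5, 4 x 500 GB usable:", usable_capacity(5, [500] * 4), "GB")
```
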
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                Allowable Outage Time
Authentication Server  User could not access Inventory System       8 hours
Database Server        User could not access Inventory System       8 hours
E-mail Server          User could not send e-mail                   2 days
5 Desktop Computers    User could not access Inventory System       8 hours
Hub                    User could not access Inventory System       8 hours
Network Cabling        User could not access Inventory System       8 hours
Electric Power         User could not access Inventory System       8 hours
Printer                User could not produce Inventory Reports     4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values: 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database applications & other business systems
RAID-5
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 5 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
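The block-level striping with distributed parity and the array-capacity formula on the RAID-5 slide can be made concrete with a small simulation. This is an added example, not part of the original slides; the function names, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
"""RAID-5 in miniature: block striping, rotating XOR parity, single-disk rebuild.

Added illustration; names, rotation order and sample data are assumptions.
"""
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 matches RAID-3/4/5, parity_drives=2 matches RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Disk holding parity for a stripe; rotating it is what 'distributed' means."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Return one list of blocks per disk, each stripe carrying one parity block."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(parity if is_parity else next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the survivors."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block in each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed sample: inventory ledger rows 0001-0042"
    array = raid5_write(payload, n_disks=4, block_size=4)
    lost = 2                                   # pretend disk 2 has failed
    rebuilt = raid5_rebuild(array, lost)
    print("disk", lost, "rebuilt correctly:", rebuilt == array[lost])
    array[lost] = rebuilt
    print("data intact:", raid5_read(array, len(payload)) == payload)
    # Four drives, smallest 400 GB: one drive's worth goes to parity in RAID-5,
    # two drives' worth in RAID-6.
    print(usable_capacity([500, 500, 400, 500]),
          usable_capacity([500, 500, 400, 500], parity_drives=2))
```

Losing a second disk before the rebuild completes leaves two unknown blocks per stripe and only one XOR equation, which is why RAID-6 carries a second parity block and its capacity formula subtracts two drives.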
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of its high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele. nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A), Likelihood of Threat Occurrence (B), Vulnerability (C), Measure of Risk (D = A+B+C), Risk Ranking (E)
Cell values (in slide order): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be critical
Most business users claim their systems qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
Agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried out selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. Accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
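The PARITY and RAID-5 slides above, worked through in code as an added example (not part of the original slides): data is striped in 16 kiB units across four drives with XOR parity, one drive is lost and rebuilt from the survivors, and the array-capacity formula is applied. The function names and the parity rotation are assumptions made for illustration; real controllers use their own layouts.

```python
"""RAID 5 in miniature: block-level striping with distributed XOR parity."""

STRIPE_UNIT = 16 * 1024  # 16 kiB stripe size, as in the four-disk illustration


def xor_blocks(blocks):
    """Parity calculation: bitwise XOR of equal-length blocks."""
    acc = 0
    for block in blocks:
        acc ^= int.from_bytes(block, "big")
    return acc.to_bytes(len(blocks[0]), "big")


def parity_disk(stripe_no, n_disks):
    """Drive holding parity for a stripe (assumed rotation; controllers differ)."""
    return (n_disks - 1 - stripe_no) % n_disks


def write_array(data, n_disks, unit=STRIPE_UNIT):
    """Stripe data across n_disks; returns one list of blocks per drive."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    disks = [[] for _ in range(n_disks)]
    per_stripe = unit * (n_disks - 1)  # data bytes carried by each stripe
    for stripe_no, off in enumerate(range(0, len(data), per_stripe)):
        chunk = data[off:off + per_stripe].ljust(per_stripe, b"\0")
        units = [chunk[i:i + unit] for i in range(0, per_stripe, unit)]
        # Parity is computed over the data units, then placed on its drive.
        units.insert(parity_disk(stripe_no, n_disks), xor_blocks(units))
        for drive, block in zip(disks, units):
            drive.append(block)
    return disks


def read_array(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    out = bytearray()
    for stripe_no in range(len(disks[0])):
        skip = parity_disk(stripe_no, len(disks))
        for d, drive in enumerate(disks):
            if d != skip:
                out += drive[stripe_no]
    return bytes(out[:length])


def rebuild_disk(disks, failed):
    """Recompute every block of one lost drive by XOR-ing the surviving drives."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("RAID 5 tolerates only one failed drive")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def scrub(disks):
    """Stripe numbers whose blocks no longer XOR to zero (parity mismatch).

    Parity shows that a stripe is inconsistent, not which drive is wrong,
    so silent corruption still has to be repaired from a backup.
    """
    if not disks[0]:
        return []
    zero = bytes(len(disks[0][0]))
    return [s for s, stripe in enumerate(zip(*disks)) if xor_blocks(stripe) != zero]


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - 1); parity_drives=2 for RAID 6."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    # Constructed sample: the four file sizes from the illustration (624 kiB).
    sizes = ((1, 4), (2, 20), (3, 100), (4, 500))
    data = b"".join(bytes([tag]) * (kib * 1024) for tag, kib in sizes)
    disks = write_array(data, 4)
    original, disks[2] = disks[2], None  # drive 2 fails
    disks[2] = rebuild_disk(disks, 2)
    print("drive 2 rebuilt correctly:", disks[2] == original)
    print("data intact:", read_array(disks, len(data)) == data)
    print("usable kiB from 4 x 208 kiB:", usable_capacity([208] * 4))
```

The 624 kiB of sample data fills exactly 13 stripes, so each of the four drives holds 208 kiB and a quarter of the raw space goes to parity.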
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 188
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource                Outage Impact                                  Allowable Outage Time
Authentication Server   User could not access Inventory System         8 hours
Database Server         User could not access Inventory System         8 hours
E-mail Server           User could not send e-mail                     2 days
5 Desktop Computers     User could not access Inventory System         8 hours
Hub                     User could not access Inventory System         8 hours
Network Cabling         User could not access Inventory System         8 hours
Electric Power          User could not access Inventory System         8 hours
Printer                 User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource: Recovery Priority
Authentication Server: High
Database Server: High
5 Desktop Computers: High
1 Hub: High
E-mail Server: Medium
Printer: Medium
Remaining Desktop Computers (45): Low
Remaining Hub (5): Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site: Cost / Hardware Equipment / Telecommunication / Setup Time / Location
Cold Site: Low / None / None / Long / Fixed
Warm Site: Medium / Partial / Partial/Full / Medium / Fixed
Hot Site: Medium/High / Full / Full / Short / Fixed
Mobile Site: High / Dependent / Dependent / Dependent / Not Fixed
Mirrored Site: High / Full / Full / None / Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. / Change Comment / Date of Change / Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
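The parity technique and the array capacity figures from the RAID level slides above, worked through as an added Python example that is not part of the original slides. The function names, the sample blocks and the rotating parity placement are assumptions made for illustration.

```python
from functools import reduce

# Constructed sample data: three 8-byte data blocks forming one stripe.
SAMPLE_BLOCKS = [b"LEDGER-A", b"LEDGER-B", b"LEDGER-C"]

# level -> (minimum disks, drives' worth of space given up to redundancy),
# as listed on the RAID level slides. RAID-1 is handled separately below.
RAID_RULES = {0: (2, 0), 3: (3, 1), 4: (3, 1), 5: (3, 1), 6: (4, 2)}


def xor_parity(blocks):
    """Parity block: byte-wise XOR of equally sized blocks."""
    if len({len(b) for b in blocks}) != 1:
        raise ValueError("blocks in a stripe must be the same size")
    return bytes(reduce(lambda x, y: x ^ y, column) for column in zip(*blocks))


def write_stripe(data_blocks, stripe_no, distributed=True):
    """Lay one stripe across len(data_blocks) + 1 disks.

    distributed=False keeps parity on the last disk (dedicated parity,
    as in RAID-3 and RAID-4). distributed=True rotates the parity disk
    per stripe (RAID-5); the rotation order is an assumed layout.
    Returns (blocks per disk, index of the parity disk).
    """
    disks = len(data_blocks) + 1
    parity_disk = (disks - 1 - stripe_no) % disks if distributed else disks - 1
    stripe = list(data_blocks)
    stripe.insert(parity_disk, xor_parity(data_blocks))
    return stripe, parity_disk


def rebuild(stripe, failed_disks):
    """Recompute the block of a failed disk from the surviving disks.

    XOR of every block in a stripe (data plus parity) is all zeros, so
    the missing block equals the XOR of the survivors. Single parity
    tolerates exactly one failure per stripe.
    """
    if len(failed_disks) > 1:
        raise RuntimeError(
            "single parity cannot rebuild %d failed disks" % len(failed_disks))
    repaired = list(stripe)
    for lost in failed_disks:
        survivors = [b for i, b in enumerate(stripe) if i != lost]
        repaired[lost] = xor_parity(survivors)
    return repaired


def usable_capacity(level, drive_sizes):
    """Usable array size, in the same unit as drive_sizes."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 1:
        if n != 2:
            raise ValueError("RAID-1 on the slides uses exactly 2 disks")
        return smallest  # 50% efficiency when both drives are identical
    min_disks, overhead = RAID_RULES[level]
    if n < min_disks:
        raise ValueError("RAID-%d needs at least %d disks" % (level, min_disks))
    # For RAID-0 with unequal drives, smallest * n is an assumption;
    # the slides only state 100% efficiency for identical drives.
    return smallest * (n - overhead)


if __name__ == "__main__":
    stripe, parity_disk = write_stripe(SAMPLE_BLOCKS, stripe_no=1)
    print("parity on disk", parity_disk, "=", stripe[parity_disk])

    damaged = list(stripe)
    damaged[0] = None  # disk 0 is lost
    print("rebuilt disk 0:", rebuild(damaged, [0])[0])

    try:
        rebuild(stripe, [0, 1])
    except RuntimeError as exc:
        print("double failure:", exc)

    for level, drives in ((0, [500, 500]), (1, [500, 500]),
                          (5, [500] * 4), (6, [500] * 4)):
        print("RAID-%d usable GB:" % level, usable_capacity(level, drives))
```

The double-failure case is the one to plan for in recovery procedures: with single parity, a second disk failing before the rebuild completes means restoring from backup rather than from the array.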
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 189
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
at an acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of assets should be based on
their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Table values (layout not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings: High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Crackers
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit the
consequences of a malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
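An added example, not part of the original slides: it combines the allowable outage times given earlier in the deck with a dependency map to produce a recovery sequence in which prerequisites come first and a prerequisite inherits the tightest deadline of anything that needs it. The dependency map, the priority band limits and all function names are assumptions made for illustration.

```python
"""Recovery sequencing from BIA data (added illustration, not from the slides)."""
import heapq

# Allowable outage times in hours, as given in the deck's outage-impact table.
ALLOWABLE_OUTAGE_H = {
    "Electric Power": 8,
    "Network Cabling": 8,
    "Hub": 8,
    "Authentication Server": 8,
    "Database Server": 8,
    "5 Desktop Computers": 8,
    "E-mail Server": 48,  # 2 days
    "Printer": 96,        # 4 days
}

# ASSUMPTION: prerequisites of each resource; the slides do not list these.
DEPENDS_ON = {
    "Hub": ["Electric Power", "Network Cabling"],
    "Authentication Server": ["Electric Power", "Hub"],
    "Database Server": ["Electric Power", "Hub"],
    "5 Desktop Computers": ["Electric Power", "Hub",
                            "Authentication Server", "Database Server"],
    "E-mail Server": ["Electric Power", "Hub"],
    "Printer": ["Electric Power", "Hub"],
}


def priority(hours):
    """ASSUMPTION: band limits chosen so the slide's 8-hour resources are High
    and its 2-day and 4-day resources are Medium."""
    if hours <= 8:
        return "High"
    if hours <= 96:
        return "Medium"
    return "Low"


def _topo_order(allowable, depends_on, key):
    """Kahn's algorithm; among resources that are ready, smallest key first."""
    pending = {n: set(depends_on.get(n, ())) for n in allowable}
    unknown = {d for deps in pending.values() for d in deps} - set(allowable)
    if unknown:
        raise ValueError(f"dependency without a BIA entry: {sorted(unknown)}")
    dependants = {n: [] for n in allowable}
    for n, deps in pending.items():
        for d in deps:
            dependants[d].append(n)
    ready = [(key(n), n) for n, deps in pending.items() if not deps]
    heapq.heapify(ready)
    order = []
    while ready:
        _, n = heapq.heappop(ready)
        order.append(n)
        for m in dependants[n]:
            pending[m].discard(n)
            if not pending[m]:
                heapq.heappush(ready, (key(m), m))
    if len(order) != len(pending):
        raise ValueError("circular dependency between resources")
    return order


def effective_deadlines(allowable, depends_on):
    """A prerequisite must be back no later than whatever relies on it."""
    eff = dict(allowable)
    # Walk dependants before their prerequisites so deadlines flow downwards.
    for n in reversed(_topo_order(allowable, depends_on, key=lambda _: 0)):
        for d in depends_on.get(n, ()):
            eff[d] = min(eff[d], eff[n])
    return eff


def recovery_order(allowable, depends_on):
    """Return [(resource, effective deadline in hours, priority), ...]."""
    eff = effective_deadlines(allowable, depends_on)
    order = _topo_order(allowable, depends_on, key=eff.__getitem__)
    return [(n, eff[n], priority(eff[n])) for n in order]


if __name__ == "__main__":
    for step, (name, hours, prio) in enumerate(
            recovery_order(ALLOWABLE_OUTAGE_H, DEPENDS_ON), start=1):
        print(f"{step}. {name:<22} restore within {hours:>2} h  [{prio}]")
```

With the slide's figures every prerequisite already carries an 8-hour limit, so the deadline propagation changes nothing; it matters when a shared component has been given a looser limit than a system that depends on it.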
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing
how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
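The parity and array-capacity rules from the RAID slides above, worked through as an added Python example (not part of the original deck): block-level striping with distributed XOR parity as in RAID-5, rebuilding one failed disk, and the "size of smallest drive * (no. of drives - 1 or 2)" capacity rule. The 4-byte stripe, the sample record, the drive sizes and all function names are constructed for illustration.

```python
"""RAID-5 block striping with distributed XOR parity, plus the slides' capacity rules."""
from functools import reduce

STRIPE = 4  # bytes per block; constructed and tiny so the layout is easy to inspect

# level -> (minimum disks, drives' worth of space given up to parity), per the slides
CAPACITY_RULES = {"0": (2, 0), "3": (3, 1), "4": (3, 1), "5": (3, 1), "6": (4, 2)}


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(row, n_disks):
    """Distributed parity: the parity block moves one disk to the left each row."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks, stripe=STRIPE):
    """Return one list of blocks per disk, holding data plus rotating parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    row_bytes = (n_disks - 1) * stripe
    padded = data + b"\x00" * (-len(data) % row_bytes)  # pad to whole rows
    disks = [[] for _ in range(n_disks)]
    for row, start in enumerate(range(0, len(padded), row_bytes)):
        chunk = padded[start:start + row_bytes]
        blocks = [chunk[i:i + stripe] for i in range(0, row_bytes, stripe)]
        data_blocks = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_disk_for(row, n_disks):
                disks[disk].append(xor_blocks(blocks))
            else:
                disks[disk].append(next(data_blocks))
    return disks


def raid5_rebuild(disks, failed):
    """Recreate every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block in each row."""
    n_disks = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_disk_for(row, n_disks):
                out += disks[disk][row]
    return bytes(out[:length])


def usable_capacity(level, drive_sizes):
    """Array capacity: size of smallest drive * (no. of drives - parity drives)."""
    n_disks, smallest = len(drive_sizes), min(drive_sizes)
    if level == "1":  # mirroring: exactly 2 disks, 50% storage efficiency
        if n_disks != 2:
            raise ValueError("RAID-1 uses exactly 2 hard disks")
        return smallest
    min_disks, parity_drives = CAPACITY_RULES[level]
    if n_disks < min_disks:
        raise ValueError(f"RAID-{level} needs a minimum of {min_disks} hard disks")
    return smallest * (n_disks - parity_drives)


if __name__ == "__main__":
    record = b"ledger entry 0042: credit 1500.00"  # constructed sample data
    array = raid5_write(record, n_disks=4)
    # Simulate losing disk 2, then rebuild it from the three survivors.
    degraded = [blocks if i != 2 else None for i, blocks in enumerate(array)]
    degraded[2] = raid5_rebuild(degraded, failed=2)
    print("recovered:", raid5_read(degraded, len(record)))
    for level in ("5", "6"):
        print(f"RAID-{level} on drives of 500/500/500/400 GB:",
              usable_capacity(level, [500, 500, 500, 400]), "GB usable")
```

The same XOR rebuild works whichever single disk is lost, because each row's blocks XOR to zero; a second simultaneous failure leaves too little information, which is the gap RAID-6's dual parity closes.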
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database to
multiple server sites
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 190
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all times
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between
the drives on a four-disk RAID 4 array using a 16 kiB
stripe size. The red file is 4 kiB in size; the blue is 20
kiB; the green
is 100 kiB; and the magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
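The XOR parity and the capacity rules from the RAID slides, as an added example that is not part of the original deck: a four-drive RAID-5 array is written, one drive is lost, and its contents are rebuilt from the survivors. The parity rotation order, the function names and the sample data are assumptions made for illustration.

```python
from functools import reduce

# Minimum drive counts as listed on the RAID LEVELS slides.
MIN_DRIVES = {"RAID-0": 2, "RAID-1": 2, "RAID-3": 3,
              "RAID-4": 3, "RAID-5": 3, "RAID-6": 4}

# Constructed sample payload (not from the deck), long enough for several stripes.
SAMPLE = b"constructed inventory-system records used only to exercise the array"


def usable_capacity(level, drive_sizes):
    """Usable capacity following the slides' formulas (sizes in any one unit)."""
    if level not in MIN_DRIVES:
        raise ValueError(f"unsupported level: {level}")
    n, smallest = len(drive_sizes), min(drive_sizes)
    if n < MIN_DRIVES[level] or (level == "RAID-1" and n != 2):
        raise ValueError(f"{level} cannot be built from {n} drives")
    if level == "RAID-0":
        # Slide: 100% efficiency if drives are identical. For unequal drives
        # this example assumes every member is limited to the smallest one.
        return smallest * n
    if level == "RAID-1":
        return smallest                   # 50% efficiency: one mirrored copy
    if level == "RAID-6":
        return smallest * (n - 2)         # dual distributed parity
    return smallest * (n - 1)             # RAID-3/4/5: one drive's worth of parity


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n_drives):
    """Drive holding parity for a stripe (rotation order is an assumption)."""
    return n_drives - 1 - (stripe % n_drives)


def raid5_write(data, n_drives, block_size):
    """Split data into stripes; each drive gets one block per stripe."""
    per_stripe = (n_drives - 1) * block_size
    data += b"\0" * (-len(data) % per_stripe)      # zero-pad the last stripe
    drives = [[] for _ in range(n_drives)]
    for stripe, offset in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[offset + i * block_size: offset + (i + 1) * block_size]
                  for i in range(n_drives - 1)]
        parity_at = parity_drive(stripe, n_drives)
        remaining = iter(chunks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(chunks) if d == parity_at
                             else next(remaining))
    return drives


def raid5_read(drives, length):
    """Reassemble the data blocks, skipping the parity block of each stripe."""
    n_drives, out = len(drives), bytearray()
    for stripe in range(len(drives[0])):
        for d in range(n_drives):
            if d != parity_drive(stripe, n_drives):
                out += drives[d][stripe]
    return bytes(out[:length])


def raid5_rebuild(drives):
    """Rebuild the single failed drive (marked None) from the survivors."""
    missing = [i for i, d in enumerate(drives) if d is None]
    if len(missing) != 1:
        raise ValueError("single parity can rebuild exactly one failed drive")
    survivors = [d for d in drives if d is not None]
    # XOR of all surviving blocks in a stripe equals the missing block,
    # whether the missing block held data or parity.
    rebuilt = [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]
    return drives[:missing[0]] + [rebuilt] + drives[missing[0] + 1:]


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_drives=4, block_size=4)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    restored = raid5_rebuild(degraded)
    print("rebuilt drive matches:", restored == array)
    print("data intact:", raid5_read(restored, len(SAMPLE)) == SAMPLE)
    print("RAID-5 capacity:", usable_capacity("RAID-5", [500, 500, 500, 400]))
```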
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an organization’s
business functions during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the
organization and not to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control,
legal, audit, users, telecommunication, network,
system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: Relatively high
Recommended uses: applications requiring high fault
tolerance, e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
[Diagram: Threats, Controls, Vulnerabilities, Risks, Security Arrangements, Assets, Asset Value, Potential Impact on Business]
Risk Analysis
A pre-requisite to a complete and
meaningful DRP program
It is an assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really good. You have to think about how your business has concentrated people or operational centers in certain places. You've got to consider if it's the wisest distribution. We feel we were lucky having some folks in Connecticut and some in Maryland. Even if we had lost some of our senior management at 1 Liberty Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very carefully at their backup strategies and see whether they can communicate with everybody easily, whether the phone numbers are not stored in that same building that could experience the Disaster, and whether they've got hot backups
Hot backups are going to be much more popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an organization’s business functions during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users, telecommunication, network, system and application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks,
showing how the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical: Data, Information, Software, Documentation
Physical: People, Hardware, Facilities, Documentation, Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 5 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
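The parity technique and the array capacity figures on the RAID slides, worked through as an added example (not part of the original deck). The function names, the parity rotation order and the sample record are assumptions made for illustration; real controllers differ in layout.

```python
"""RAID 5 style block striping with distributed XOR parity (constructed demo)."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, position by position."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(level, drive_sizes):
    """Usable capacity per the slide formulas: smallest drive * data drives."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    minimum = {0: 2, 1: 2, 5: 3, 6: 4}          # minimum disks per level
    if level not in minimum:
        raise ValueError("level not covered by this example")
    if n < minimum[level] or (level == 1 and n != 2):
        raise ValueError("wrong number of drives for this RAID level")
    data_drives = {0: n, 1: 1, 5: n - 1, 6: n - 2}[level]
    return smallest * data_drives


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Split data into stripes of n-1 data blocks plus one parity block."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_stripe = block_size * (n_disks - 1)
    padded = data + bytes(-len(data) % per_stripe)   # zero-pad last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[offset:offset + per_stripe]
        blocks = [chunk[i:i + block_size]
                  for i in range(0, per_stripe, block_size)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(stripe, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of one failed disk (marked None) from the rest."""
    survivors = [d for i, d in enumerate(disks)
                 if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity can rebuild only one failed disk")
    # Data or parity, the missing block is the XOR of the surviving blocks.
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def read_raid5(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(stripe, n):
                out += disks[d][stripe]
    return bytes(out[:length])


def demo():
    """Lose one of four disks, rebuild it, and confirm the data is intact."""
    record = b"CONSTRUCTED SAMPLE: ledger entry 0001, amount 1500.00"
    disks = write_raid5(record, n_disks=4, block_size=8)
    lost = disks[2]
    disks[2] = None                       # simulate the drive failure
    disks[2] = rebuild_disk(disks, failed=2)
    return disks[2] == lost and read_raid5(disks, len(record)) == record


if __name__ == "__main__":
    print("rebuild ok:", demo())
    print("RAID 5, 3 drives (500, 500, 400):", array_capacity(5, [500, 500, 400]))
```

A second simultaneous failure makes rebuild_disk raise, which is the limit of single parity and the reason RAID-6 carries dual parity.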
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed between the drives on a
four-disk RAID 6 array using a 16 kiB stripe size.
The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance
procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 194
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of assets should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
Some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability, if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance: none
Cost: lowest of all RAID levels
Recommended uses: non-critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance: very good
Storage efficiency: 50% if drives identical
Cost: relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: bit-level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance: good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance: good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance: very good
Cost: High
Specialized controller
Recommended uses: same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance: very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost is high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance: very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging before-images
Logging after-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
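Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Cell values as extracted (row and column placement not recoverable): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk rankings listed: High, Moderate, Very High, Low, Very Low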
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment  Telecommunication  Setup Time  Location
Cold Site      Low           None                None               Long        Fixed
Warm Site      Medium        Partial             Partial/Full       Medium      Fixed
Hot Site       Medium/High   Full                Full               Short       Fixed
Mobile Site    High          Dependent           Dependent          Dependent   Not Fixed
Mirrored Site  High          Full                Full               None        Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault
tolerance, e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how
the files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
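The parity technique and the array-capacity figures on the RAID slides above, worked through as an added example (not part of the original slides): block-level striping with distributed XOR parity on a four-disk array with 16-byte chunks, rebuilding one failed disk, and refusing to rebuild two. The rotating parity placement, the function names and the sample data are assumptions made for the illustration.

```python
"""RAID-5 style striping with XOR parity, plus the slides' capacity formulas.

Added illustration only: the parity rotation and all names are assumptions.
"""


def xor_blocks(blocks):
    """Parity of equal-length chunks: byte-wise XOR of all of them."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def parity_disk_for(stripe, n_disks):
    """Distributed parity: the parity chunk moves to another disk each stripe."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, chunk=16):
    """Split data into stripes of (n_disks - 1) data chunks plus one parity chunk.

    Returns disks[d][s], the chunk held by disk d in stripe s.
    """
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    stripe_bytes = chunk * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # zero-fill last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(padded) // stripe_bytes):
        base = s * stripe_bytes
        chunks = [padded[base + i * chunk: base + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(s, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def raid5_rebuild(disks):
    """Regenerate the single failed disk (marked None) from the survivors.

    Every stripe XORs to zero across all disks, so a missing chunk, data or
    parity, equals the XOR of the other chunks in that stripe.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) != 1:
        raise ValueError(f"single parity recovers exactly one disk, {len(failed)} failed")
    survivors = [d for d in disks if d is not None]
    stripes = len(survivors[0])
    return failed[0], [xor_blocks([d[s] for d in survivors]) for s in range(stripes)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity chunk of each stripe."""
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk_for(s, len(disks)):
                out += disks[d][s]
    return bytes(out[:length])


def array_capacity(level, drive_sizes):
    """Usable capacity per the slides: smallest drive * (n - 1) for RAID 3/4/5,
    smallest drive * (n - 2) for RAID 6. RAID 0 (100%) and RAID 1 (50%) are
    stated on the slides for identical drives; using the smallest drive for
    mixed sizes is an assumption here.
    """
    n, smallest = len(drive_sizes), min(drive_sizes)
    rules = {  # level: (minimum disks, number of drives' worth of usable space)
        "0": (2, n), "1": (2, 1),
        "3": (3, n - 1), "4": (3, n - 1), "5": (3, n - 1),
        "6": (4, n - 2),
    }
    minimum, usable = rules[level]
    if n < minimum or (level == "1" and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} disks")
    return smallest * usable


if __name__ == "__main__":
    record = b"inventory-db-page " * 10          # constructed sample data
    disks = raid5_write(record)
    lost, disks[2] = disks[2], None              # simulate failure of disk 2
    idx, rebuilt = raid5_rebuild(disks)
    disks[idx] = rebuilt
    print("rebuilt disk matches original:", rebuilt == lost)
    print("data intact after rebuild:", raid5_read(disks, len(record)) == record)
    print("RAID-5, 4 x 500 GB:", array_capacity("5", [500] * 4), "GB usable")
    print("RAID-6, 4 x 500 GB:", array_capacity("6", [500] * 4), "GB usable")
```

A second simultaneous failure leaves two unknowns per stripe and only one parity equation, which is why `raid5_rebuild` raises instead of returning data.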
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before images
Logging After images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                               Allowable Outage Time
Authentication Server  User could not access Inventory System      8 hours
Database Server        User could not access Inventory System      8 hours
E-mail Server          User could not send e-mail                  2 days
5 Desktop Computers    User could not access Inventory System      8 hours
Hub                    User could not access Inventory System      8 hours
Network Cabling        User could not access Inventory System      8 hours
Electric Power         User could not access Inventory System      8 hours
Printer                User could not produce Inventory Reports    4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A)
Likelihood of Threat Occurrence (B)
Vulnerability (C)
Measure of Risk (D) = A+B+C
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                           Recovery Priority
Authentication Server              High
Database Server                    High
5 Desktop Computers                High
1 Hub                              High
E-mail Server                      Medium
Printer                            Medium
Remaining Desktop Computers (45)   Low
Remaining Hub (5)                  Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site            Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site       Low           None                 None                Long         Fixed
Warm Site       Medium        Partial              Partial/Full        Medium       Fixed
Hot Site        Medium/High   Full                 Full                Short        Fixed
Mobile Site     High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site   High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.   Change Comment   Date of Change   Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
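The parity and RAID-5 slides describe redundancy information calculated from the data values and block-level striping with distributed parity. The Python sketch below is an added example, not part of the original slides: it stripes a record across in-memory "disks", survives one drive loss, rebuilds the drive, and refuses to read after a second loss. The class `Raid5`, its method names, the parity rotation order, the `usable_capacity` helper and the sample record are assumptions made for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def usable_capacity(level, drive_sizes):
    """Array capacity using the formulas given on the RAID level slides."""
    n, smallest = len(drive_sizes), min(drive_sizes)
    if level == 0 and n >= 2:
        return smallest * n              # striping only, no redundancy
    if level == 1 and n == 2:
        return smallest                  # mirroring: 50% efficiency
    if level in (3, 4, 5) and n >= 3:
        return smallest * (n - 1)        # one drive's worth of parity
    if level == 6 and n >= 4:
        return smallest * (n - 2)        # dual parity
    raise ValueError("unsupported level or too few drives")

class Raid5:
    """Block-level striping with distributed parity, held in memory."""

    def __init__(self, n_disks, block_size=4):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.bs = n_disks, block_size
        self.disks = [[] for _ in range(n_disks)]  # disks[d][stripe] -> block
        self.length = 0

    def parity_disk(self, stripe):
        # Rotate the parity block so no single drive holds all parity.
        return (self.n - 1 - stripe) % self.n

    def write(self, data):
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_stripe = self.bs * (self.n - 1)
        padded = data + bytes(-len(data) % per_stripe)  # zero-pad last stripe
        for stripe, off in enumerate(range(0, len(padded), per_stripe)):
            chunk = padded[off:off + per_stripe]
            blocks = [chunk[i:i + self.bs] for i in range(0, per_stripe, self.bs)]
            blocks.insert(self.parity_disk(stripe), xor_blocks(blocks))
            for d in range(self.n):
                self.disks[d].append(blocks[d])

    def fail(self, disk):
        self.disks[disk] = None  # the whole drive is lost

    def read(self):
        failed = [d for d in range(self.n) if self.disks[d] is None]
        if len(failed) > 1:
            raise RuntimeError("RAID-5 tolerates one failed disk, %d are down"
                               % len(failed))
        stripes = len(next(d for d in self.disks if d is not None))
        out = bytearray()
        for s in range(stripes):
            row = [None if self.disks[d] is None else self.disks[d][s]
                   for d in range(self.n)]
            if failed:  # missing block = XOR of every surviving block
                row[failed[0]] = xor_blocks([b for b in row if b is not None])
            p = self.parity_disk(s)
            out += b"".join(b for d, b in enumerate(row) if d != p)
        return bytes(out[:self.length])

    def rebuild(self, disk):
        """Regenerate a replaced drive from the surviving drives."""
        survivors = [d for d in self.disks if d is not None]
        if self.disks[disk] is not None or len(survivors) != self.n - 1:
            raise RuntimeError("rebuild needs exactly one failed disk")
        self.disks[disk] = [xor_blocks(col) for col in zip(*survivors)]

if __name__ == "__main__":
    record = b"constructed sample: general ledger batch 0042"  # made-up data
    array = Raid5(n_disks=4)
    array.write(record)
    array.fail(2)
    print("degraded read ok:", array.read() == record)
    array.rebuild(2)
    print("usable GB on 4 x 500 GB:", usable_capacity(5, [500] * 4))
```

A degraded array still serves data but has no remaining redundancy until the rebuild finishes, which is why parity protection does not replace the off-site backups covered earlier in the deck.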
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
Number of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone numbers of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Telephone numbers of hardware and software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
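As an added illustration (not part of the original deck), the allowable outage times from this slide can be checked against the timings recorded in a recovery test. The test timings below are constructed sample data, and the function and status names are this example's own.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Allowable outage times exactly as listed on the slide.
BIA_ALLOWABLE_OUTAGE: Dict[str, str] = {
    "Authentication Server": "8 hours",
    "Database Server": "8 hours",
    "E-mail Server": "2 days",
    "5 Desktop Computers": "8 hours",
    "Hub": "8 hours",
    "Network Cabling": "8 hours",
    "Electric Power": "8 hours",
    "Printer": "4 days",
}

# CONSTRUCTED sample data: hours from disaster declaration until each resource
# was usable again during a recovery test. None means it was never restored
# in the test; a resource missing from the dict was not exercised at all.
SAMPLE_TEST_RESULTS: Dict[str, Optional[float]] = {
    "Authentication Server": 3.5,
    "Database Server": 11.0,
    "E-mail Server": 30.0,
    "5 Desktop Computers": 6.0,
    "Hub": 1.0,
    "Electric Power": 0.5,
    "Printer": None,
}

_HOURS_PER_UNIT = {"hour": 1.0, "hours": 1.0, "day": 24.0, "days": 24.0}
# Report order: worst findings first.
_SEVERITY = {"NOT RESTORED": 0, "EXCEEDED": 1, "NOT TESTED": 2, "MET": 3}


class Finding(NamedTuple):
    resource: str
    allowed_hours: float
    measured_hours: Optional[float]
    status: str
    margin_hours: Optional[float]  # allowed - measured; negative = overrun


def to_hours(text: str) -> float:
    """Convert '8 hours' or '2 days' into hours; reject anything else."""
    match = re.fullmatch(r"\s*(\d+(?:\.\d+)?)\s*([A-Za-z]+)\s*", text)
    if not match or match.group(2).lower() not in _HOURS_PER_UNIT:
        raise ValueError(f"unrecognised outage time: {text!r}")
    return float(match.group(1)) * _HOURS_PER_UNIT[match.group(2).lower()]


def evaluate_recovery_test(
    bia: Dict[str, str], results: Dict[str, Optional[float]]
) -> List[Finding]:
    """Compare measured recovery times with the BIA's allowable outage times."""
    unknown = set(results) - set(bia)
    if unknown:
        # A test result for a resource the BIA never listed is a BIA gap.
        raise KeyError(f"resources missing from the BIA: {sorted(unknown)}")
    findings = []
    for resource, allowed_text in bia.items():
        allowed = to_hours(allowed_text)
        if resource not in results:
            findings.append(Finding(resource, allowed, None, "NOT TESTED", None))
            continue
        measured = results[resource]
        if measured is None:
            status, margin = "NOT RESTORED", None
        elif measured > allowed:
            status, margin = "EXCEEDED", allowed - measured
        else:
            status, margin = "MET", allowed - measured
        findings.append(Finding(resource, allowed, measured, status, margin))
    # Worst status first, then the tightest allowable outage, then by name.
    findings.sort(key=lambda f: (_SEVERITY[f.status], f.allowed_hours, f.resource))
    return findings


if __name__ == "__main__":
    for f in evaluate_recovery_test(BIA_ALLOWABLE_OUTAGE, SAMPLE_TEST_RESULTS):
        measured = "-" if f.measured_hours is None else f"{f.measured_hours:g} h"
        print(f"{f.status:<13} {f.resource:<22} allowed {f.allowed_hours:g} h, measured {measured}")
```

Untested and unrestored resources are reported separately from overruns because they call for different follow-up: the first two are gaps in the test itself, the last is a recovery strategy that is too slow.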
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual
requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
The majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with addresses and telephone numbers
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipments or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly are the backups retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No.    Change Comment    Date of Change    Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
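As an added illustration (not part of the original slides) of the parity technique and of the array-capacity formula quoted for the RAID levels, the following Python model stripes data in blocks across the disks with rotating parity and rebuilds one failed disk from the survivors. XOR is the parity function used by single-parity RAID; the rotation order, block size, function names and sample bytes are assumptions of this sketch.

```python
from functools import reduce

# Constructed sample payload (not real data).
SAMPLE = b"constructed ledger rows 0001-0420 for a RAID-5 parity demo"


def xor_blocks(blocks):
    """XOR equal-length byte blocks position by position."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Disk index that holds parity for a stripe (assumed rotation order)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block):
    """Block-level striping with distributed parity.

    Returns one list of blocks per disk; every stripe holds
    n_disks - 1 data blocks and one parity block.
    """
    if n_disks < 3:
        raise ValueError("distributed parity needs a minimum of 3 disks")
    per_stripe = (n_disks - 1) * block
    padded = data + b"\0" * (-len(data) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * block: off + (i + 1) * block]
                  for i in range(n_disks - 1)]
        parity = xor_blocks(chunks)
        remaining = iter(chunks)
        for d in range(n_disks):
            is_parity = d == parity_disk(stripe, n_disks)
            disks[d].append(parity if is_parity else next(remaining))
    return disks


def rebuild(disks, failed):
    """Recompute every block of one failed disk from the surviving disks.

    XOR of all surviving blocks in a stripe yields the missing block,
    whether that block held data or parity.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("single parity cannot recover from two failed disks")
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping the parity block per stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe]
    return bytes(out[:length])


def usable_capacity(drive_sizes, parity_drives=1):
    """Size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, n_disks=4, block=8)
    array[2] = None                      # simulate one failed disk
    array[2] = rebuild(array, failed=2)  # recompute it from the other three
    print(raid5_read(array, len(SAMPLE)) == SAMPLE)
    print(usable_capacity([500, 500, 500, 500]))      # single parity
    print(usable_capacity([500, 500, 500, 500], 2))   # dual parity
```

The same `rebuild` call fails once a second disk is marked as lost, which is the case dual parity is designed to cover.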
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01,excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 198
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource               Outage Impact                                   Allowable Outage Time
Authentication Server  User could not access Inventory System          8 hours
Database Server        User could not access Inventory System          8 hours
E-mail Server          User could not send e-mail                      2 days
5 Desktop Computers    User could not access Inventory System          8 hours
Hub                    User could not access Inventory System          8 hours
Network Cabling        User could not access Inventory System          8 hours
Electric Power         User could not access Inventory System          8 hours
Printer                User could not produce Inventory Reports        4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D): A+B+C; Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing parity
information (shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
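Added example (not part of the original slides): a minimal Python sketch of the parity and RAID-5 slides above, showing block-level striping with rotating XOR parity, the rebuild of one failed disk from the survivors, and the array-capacity formula. The function names, the parity rotation order and the sample data are assumptions made for illustration.

```python
"""RAID 5 sketch: block-level striping with distributed (rotating) XOR parity."""
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Usable capacity = size of smallest drive * (no. of drives - parity drives)."""
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_position(stripe, n_disks):
    """Disk that holds the parity block of a given stripe (assumed rotation order)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks, block_size):
    """Stripe data across n_disks, one parity block per stripe.

    Returns one list of blocks per disk; row i of every disk forms stripe i.
    """
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 disks")
    per_stripe = n_disks - 1                      # data blocks in each stripe
    stripe_bytes = per_stripe * block_size
    data = data + b"\x00" * (-len(data) % stripe_bytes)   # zero-pad last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(data) // stripe_bytes):
        chunk = data[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i * block_size:(i + 1) * block_size]
                  for i in range(per_stripe)]
        parity = xor_blocks(blocks)
        remaining = iter(blocks)
        for disk in range(n_disks):
            if disk == parity_position(stripe, n_disks):
                disks[disk].append(parity)
            else:
                disks[disk].append(next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk by XOR-ing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original data, skipping the parity block of each stripe."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(n_disks):
            if disk != parity_position(stripe, n_disks):
                out += disks[disk][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample data standing in for a critical application's records.
    sample = b"constructed sample: inventory database page " * 3
    array = raid5_write(sample, n_disks=4, block_size=16)

    # Simulate losing disk 1, then rebuild it from the three survivors.
    rebuilt = rebuild_disk(array, failed=1)
    print("disk 1 rebuilt correctly:", rebuilt == array[1])

    repaired = list(array)
    repaired[1] = rebuilt
    print("data intact after rebuild:", raid5_read(repaired, len(sample)) == sample)

    # Capacity for four drives where the smallest is 400 GB (constructed sizes).
    print("RAID 5 usable:", array_capacity([500, 500, 400, 500]))
    print("RAID 6 usable:", array_capacity([500, 500, 400, 500], parity_drives=2))
```

Because each stripe carries a single parity block, the rebuild only works when exactly one disk is missing, which is why the array still needs the backups described elsewhere in the deck.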
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before Images
Logging After Images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and
documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 199
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical
People
Hardware
Facilities
Documentation
Supplies
Logical
Data
Information
Software
Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for an extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your business has
concentrated people or operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and the public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
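The three techniques listed on the Backup Techniques slide differ in which media must be retrieved for a restore and in what one unreadable tape costs. The Python sketch below is an added example, not part of the original slides. It assumes that an incremental holds changes since the previous backup of any kind, that a differential holds changes since the last full, and that a schedule does not mix the two; the media labels and dates are constructed.

```python
from datetime import datetime

# Constructed catalogues (not from the slides): (media label, type, completion time).
INCREMENTAL_SCHEDULE = [
    ("INC-FULL-SUN", "full", "2024-03-03T23:00"),
    ("INC-MON", "incremental", "2024-03-04T23:00"),
    ("INC-TUE", "incremental", "2024-03-05T23:00"),
    ("INC-WED", "incremental", "2024-03-06T23:00"),
    ("INC-THU", "incremental", "2024-03-07T23:00"),
]
DIFFERENTIAL_SCHEDULE = [
    ("DIF-FULL-SUN", "full", "2024-03-03T23:00"),
    ("DIF-MON", "differential", "2024-03-04T23:00"),
    ("DIF-TUE", "differential", "2024-03-05T23:00"),
    ("DIF-WED", "differential", "2024-03-06T23:00"),
    ("DIF-THU", "differential", "2024-03-07T23:00"),
]


def restore_plan(catalogue, target, unavailable=()):
    """Return (media labels in restore order, latest recoverable timestamp)."""
    target = datetime.fromisoformat(target)
    items = sorted(
        (datetime.fromisoformat(ts), kind, label)
        for label, kind, ts in catalogue
        if datetime.fromisoformat(ts) <= target
    )
    # Newest full backup that is at or before the target and still readable.
    fulls = [i for i, item in enumerate(items)
             if item[1] == "full" and item[2] not in unavailable]
    if not fulls:
        raise LookupError("no usable full backup at or before the target time")
    start = fulls[-1]

    # Backups that depend on that full: everything up to the next full.
    chain = []
    for item in items[start + 1:]:
        if item[1] == "full":
            break
        chain.append(item)

    kinds = {kind for _, kind, _ in chain}
    if kinds == {"differential"}:
        # Only the newest readable differential is needed on top of the full.
        readable = [c for c in chain if c[2] not in unavailable]
        picked = readable[-1:]
    elif kinds <= {"incremental"}:
        # Every incremental is needed in order; a gap ends the usable chain.
        picked = []
        for c in chain:
            if c[2] in unavailable:
                break
            picked.append(c)
    else:
        raise ValueError("schedule mixes incremental and differential backups")

    plan = [items[start]] + picked
    labels = [label for _, _, label in plan]
    return labels, plan[-1][0].isoformat(timespec="minutes")


if __name__ == "__main__":
    for name, cat, lost in [
        ("incremental", INCREMENTAL_SCHEDULE, ()),
        ("incremental, INC-TUE unreadable", INCREMENTAL_SCHEDULE, {"INC-TUE"}),
        ("differential", DIFFERENTIAL_SCHEDULE, ()),
        ("differential, DIF-THU unreadable", DIFFERENTIAL_SCHEDULE, {"DIF-THU"}),
    ]:
        print(name, restore_plan(cat, "2024-03-08T09:00", lost))
```

With incrementals, one unreadable tape early in the week loses every later day; with differentials, the loss is limited to the interval covered by the unreadable tape.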
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented Practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because
of its high cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
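The parity slide and the RAID-5/RAID-6 capacity formulas above can be exercised in a few lines. This is an added example, not part of the original slides: the function names, the parity rotation order, the use of the smallest drive for non-identical RAID-0/RAID-1 sets and the constructed sample files (sized like the ones in the illustrations) are assumptions.

```python
from functools import reduce

UNIT = 16 * 1024  # 16 KiB stripe unit, as in the slide illustrations


def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(level, drive_sizes):
    """Usable capacity following the slides' formulas (any one size unit)."""
    minimum = {0: 2, 1: 2, 3: 3, 4: 3, 5: 3, 6: 4}.get(level)
    n, smallest = len(drive_sizes), min(drive_sizes)
    if minimum is None:
        raise ValueError(f"RAID-{level} is not modelled here")
    if n < minimum or (level == 1 and n != 2):
        raise ValueError(f"RAID-{level} cannot be built from {n} drives")
    if level == 0:
        return smallest * n              # striping, no redundancy
    if level == 1:
        return smallest                  # mirror: one drive's worth
    return smallest * (n - (2 if level == 6 else 1))


def parity_disk(stripe, n_disks):
    """Disk holding the parity unit of a stripe (rotation order assumed)."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=4, unit=UNIT):
    """Block-level striping with distributed parity; returns one buffer per disk."""
    per_stripe = (n_disks - 1) * unit
    padded = data + bytes(-len(data) % per_stripe)   # zero-fill the last stripe
    disks = [bytearray() for _ in range(n_disks)]
    for stripe, off in enumerate(range(0, len(padded), per_stripe)):
        units = [padded[off + i * unit: off + (i + 1) * unit]
                 for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for d in range(n_disks):
            disks[d] += parity if d == parity_disk(stripe, n_disks) else next(data_units)
    return disks


def raid5_read(disks, length, unit=UNIT):
    """Reassemble the data units in order, skipping each stripe's parity unit."""
    n_disks, out = len(disks), bytearray()
    for stripe in range(len(disks[0]) // unit):
        for d in range(n_disks):
            if d != parity_disk(stripe, n_disks):
                out += disks[d][stripe * unit:(stripe + 1) * unit]
    return bytes(out[:length])


def raid5_rebuild(disks, failed):
    """Recompute one failed disk as the XOR of all surviving disks."""
    survivors = [bytes(d) for i, d in enumerate(disks) if i != failed]
    return bytearray(xor_blocks(survivors))


def sample_data():
    """Constructed test data: four 'files' of 4, 20, 100 and 500 KiB."""
    return b"".join(bytes((j * 7 + i) % 251 for j in range(kib * 1024))
                    for i, kib in enumerate((4, 20, 100, 500)))


if __name__ == "__main__":
    data = sample_data()
    disks = raid5_write(data)
    lost = bytes(disks[2])
    disks[2] = bytearray(len(lost))              # simulate a dead drive
    disks[2] = raid5_rebuild(disks, failed=2)
    print("rebuilt disk matches:", bytes(disks[2]) == lost)
    print("data intact:", raid5_read(disks, len(data)) == data)
    print("RAID-5 capacity, 4 x 500 GB:", array_capacity(5, [500] * 4), "GB")
```

Single parity recovers exactly one missing disk per stripe; with two disks gone the XOR of the survivors no longer equals either lost unit, which is why RAID-6 carries a second parity.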
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computers in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 200
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C)
3
4
5
3
4
3
3
3
3
5
5
5
5
4
1
1
2
1
1
1
1
Risk Ranking (E)
High
Moderate
Very High
Low
Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business user claim their system
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection
and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size.The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB,
Naresh Gandhi FCA, D.I.S.A. (ICAI)
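Added example (not part of the original slides): a minimal Python model of block-level striping with distributed parity as described for RAID-5, showing how parity lets one failed disk be rebuilt and how the array-capacity formula from the RAID-3 to RAID-6 slides is applied. XOR as the parity function, the 4-byte stripe unit, the parity rotation order and the sample data are assumptions chosen for illustration.

```python
from functools import reduce

STRIPE = 4  # bytes per stripe unit (assumption: tiny, so the layout is easy to inspect)
SAMPLE = b"INVENTORY-DB: 45 desktops, 6 hubs"  # constructed sample data


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def array_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 covers RAID-3/4/5, parity_drives=2 covers RAID-6.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(row, n_disks):
    """Which disk holds parity for a stripe row (rotation order is an assumption)."""
    return (n_disks - 1 - row) % n_disks


def raid5_write(data, n_disks):
    """Stripe data across n_disks with one rotating parity unit per row."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_row = STRIPE * (n_disks - 1)
    padded = data + b"\x00" * (-len(data) % per_row)
    disks = [[] for _ in range(n_disks)]
    for row, offset in enumerate(range(0, len(padded), per_row)):
        units = [padded[offset + i * STRIPE: offset + (i + 1) * STRIPE]
                 for i in range(n_disks - 1)]
        parity = xor_blocks(units)
        data_units = iter(units)
        for d in range(n_disks):
            is_parity = d == parity_disk_for(row, n_disks)
            disks[d].append(parity if is_parity else next(data_units))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every unit of one failed disk from the surviving disks.

    Works for data and parity units alike, because the XOR of all units
    in a stripe row (data plus parity) is always zero.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed]
    return [xor_blocks(row_units) for row_units in zip(*survivors)]


def raid5_read(disks, length):
    """Reassemble the original byte stream, skipping parity units."""
    n = len(disks)
    out = bytearray()
    for row in range(len(disks[0])):
        for d in range(n):
            if d != parity_disk_for(row, n):
                out += disks[d][row]
    return bytes(out[:length])


if __name__ == "__main__":
    disks = raid5_write(SAMPLE, 4)
    original = disks[1]
    disks[1] = None                      # simulate a single drive failure
    disks[1] = rebuild_disk(disks, 1)    # rebuild onto the replacement drive
    print("rebuilt unit-for-unit:", disks[1] == original)
    print("data intact:", raid5_read(disks, len(SAMPLE)) == SAMPLE)
    print("usable capacity of 4 x 500 GB:", array_capacity([500] * 4), "GB")
```

A single parity unit per row tolerates exactly one drive failure; if a second drive is lost before the rebuild finishes, the XOR of the survivors no longer yields the missing data, which is why backups are still needed alongside RAID.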
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Beforeimages
Logging Afterimages
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the server is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP documents are complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 201
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Impact Analysis
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safe guard the assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D) = A+B+C | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made
Threats
Disgruntled
employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hour of uninterrupted power on
all web server and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides a vital pre-planned
framework
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
The majority of systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and
maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk,
byte-striped RAID 3 array. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray)
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4
array using a 16 kiB stripe size. The red file is 4 kiB in
size; the blue is 20 kiB; the green is 100 kiB; and the
magenta is 500 kiB. Notice that
as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID level
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, Relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 5 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
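The parity and RAID-5 slides above, worked through as an added example that is not part of the original deck: data is striped in blocks with one XOR parity block per stripe, a failed disk is rebuilt from the survivors, and the slides' array-capacity formula is computed. The function names, the parity rotation order and the zero padding of the last stripe are assumptions made for illustration.

```python
from functools import reduce


def xor_blocks(blocks):
    """XOR equal-length byte blocks column by column (the parity operation)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes, parity_drives=1):
    """Slide formula: size of smallest drive * (no. of drives - parity drives).

    parity_drives=1 gives the RAID-3/4/5 figure, parity_drives=2 the RAID-6 one.
    """
    return min(drive_sizes) * (len(drive_sizes) - parity_drives)


def parity_disk_for(stripe, n_disks):
    """Assumed rotation: parity starts on the last disk and moves left."""
    return (n_disks - 1 - stripe) % n_disks


def write_raid5(data, n_disks, block_size):
    """Stripe data over n_disks with one distributed parity block per stripe.

    Returns a list of disks; each disk is a list of blocks, one per stripe.
    """
    if n_disks < 3:
        raise ValueError("RAID 5 needs a minimum of 3 hard disks")
    per_stripe = n_disks - 1                      # data blocks per stripe
    stripe_bytes = per_stripe * block_size
    # Assumption: pad the last stripe with zero bytes so every block is full.
    padded = data + b"\x00" * (-len(data) % stripe_bytes)
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        data_blocks = [chunk[i * block_size:(i + 1) * block_size]
                       for i in range(per_stripe)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(remaining))
    return disks


def rebuild(disks):
    """Restore a failed disk (marked None) by XOR-ing the surviving disks.

    Single parity covers exactly one failure; a second one is data loss.
    """
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise ValueError("single parity cannot recover %d failed disks"
                         % len(failed))
    if not failed:
        return disks
    survivors = [d for d in disks if d is not None]
    restored = [xor_blocks(row) for row in zip(*survivors)]
    return [restored if d is None else d for d in disks]


def read_raid5(disks, length):
    """Reassemble the original byte stream, skipping parity blocks."""
    n_disks = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed sample ledger data " * 10   # constructed input
    array = write_raid5(payload, n_disks=4, block_size=16)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    print("recovered:", read_raid5(rebuild(degraded), len(payload)) == payload)
    print("capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```
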
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different
sizes are distributed
between the drives on a four-disk RAID 6 array
using a 16 kiB stripe
size. The red file is 4 kiB in size; the blue
is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Name, addresses Tele Nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuations
and recovery
Tele. nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Physical: People, Hardware, Facilities, Documentation, Supplies
Logical: Data, Information, Software, Documentation
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Columns: Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
Values (in extracted order): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking values: High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploits vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earthquakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, if needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Service Bureaus/ASPs
Emergency processing services
Application specific
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra
load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly can the backups be retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Phases of Testing
Pre test
Test
Post Test
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Result Analysis
Time
Amount
Count
Accuracy
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Record of Change
Page No. | Change Comment | Date of Change | Signature
Law And Standards
HIPAA
Documented practices for data protection and
continuity of operations for health care industry
GLB And The Expedited Funds Availability Act
Standards for safeguarding security,
confidentiality of customer records
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
SAS 70
Internationally recognized auditing
standard for service organization
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Strategies For Networked Systems
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Strategies For Fault Tolerant
Implementation
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
RAID
Data redundancy techniques
Mirroring
Parity
Striping
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
RAID
MIRRORING
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
RAID
Disk Duplexing
RAID
STRIPING
A data element is broken into multiple
pieces at byte level or in blocks
RAID
STRIPING
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disks required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: applications requiring high fault tolerance,
e.g. accounting and other financial data.
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
RAID LEVELS
RAID-2
Technique used: Bit level striping with ECC
Hard disk requirements: 10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance: only fair
Cost: very expensive
Recommended use: not used in modern systems
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between three drives,
with the fourth containing parity information (shown in dark gray).
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that, as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity information
(shown in gray).
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
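Added example (not part of the original slides): a Python sketch of block-level striping with distributed XOR parity as listed for RAID-5, rebuilding one failed disk from the survivors and applying the slide's capacity formula. The 4-byte block size, the parity rotation order, the sample payload and all function names are assumptions made for illustration.

```python
# Added example, not from the original slides: RAID-5 style block-level
# striping with distributed XOR parity, one disk failure, and the rebuild.
from functools import reduce

BLOCK = 4  # bytes per block; deliberately tiny (assumption for the demo)


def xor_blocks(blocks):
    """Parity calculation: byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Slide formula: size of smallest drive * (no. of drives - 1)."""
    if len(drive_sizes) < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    return min(drive_sizes) * (len(drive_sizes) - 1)


def parity_disk_for(stripe, n_disks):
    """Rotate the parity block across the disks (rotation order is assumed)."""
    return (n_disks - 1 - stripe) % n_disks


def write_array(data, n_disks):
    """Split data into stripes; each stripe holds n-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs a minimum of 3 hard disks")
    per_stripe = BLOCK * (n_disks - 1)
    data += b"\x00" * (-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe, start in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[start + i * BLOCK:start + (i + 1) * BLOCK]
                  for i in range(n_disks - 1)]
        remaining = iter(chunks)
        p = parity_disk_for(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == p else next(remaining))
    return disks


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("single parity cannot recover two failed disks")
    return [xor_blocks(stripe_blocks) for stripe_blocks in zip(*survivors)]


def read_array(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk_for(stripe, len(disks))
        out += b"".join(disks[d][stripe] for d in range(len(disks)) if d != p)
    return bytes(out[:length])


def demo():
    """Fail disk 2 of a 4-disk array, rebuild it, and verify the data."""
    payload = b"ledger: constructed sample data for the parity demo"
    disks = write_array(payload, 4)
    lost = disks[2]
    disks[2] = None                      # simulate one failed drive
    disks[2] = rebuild_disk(disks, 2)    # XOR of the three survivors
    return disks[2] == lost and read_array(disks, len(payload)) == payload


if __name__ == "__main__":
    print("rebuilt correctly:", demo())
    print("usable capacity of 4 x 500 GB:", usable_capacity([500] * 4), "GB")
```

A second failed disk before the rebuild finishes makes `rebuild_disk` raise, which is the limit of single parity and the case the dual parity of RAID-6 addresses.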
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular as
cost is high
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability: very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to
multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables applications to operate even if one
of the servers is down
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No of subscriber and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses and telephone nos. of recovery team
members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Thanks...
Slide 203
Business Impact Analysis
Stages BCP/DRP
Develop contingency planning policy
Conduct business impact analysis (BIA)
Identify preventive controls
Develop recovery strategies
Develop contingency plan
Test the plan and train personnel
Maintain the plan
Threats
Controls
Vulnerabilities
Risks
Security
Arrangements
Assets
Asset Value
Potential Impact on Business
Risk Analysis
A pre-requisite to complete and
meaningful DRP program
It is assessment of threats to assets
Determination of protection required to
safeguard the assets
Risk Assessment Process
Identification of assets
Identifying threats to these assets and
assessing their likelihood
Identifying vulnerabilities and assessing how
easily they might be exploited
Correlate threats to assets
Ranking of risks
Identifying the protection provided by the
controls in place
Risk Management
The process of identifying, controlling
and minimizing or eliminating risks
that may affect information systems
for acceptable cost
Risk Management - Direction
Reducing the risk
Avoiding the risk
Transferring the risk
Accepting the risk
Degree of Assurance Required
It is not possible to achieve total
security
There will always be a residual risk
What degree of residual risk is
acceptable to the organization?
Risk Management
Defining an acceptable level of residual
risk
Constantly reviewing threats and
vulnerabilities
Reviewing of existing controls
Applying additional controls
Introducing policy and procedures
What are Assets?
An asset is something to which an
organization directly assigns value and
hence for which the organization requires
protection
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Assets
Logical
• Data
• Information
• Software
• Documentation
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Outage Impact & Allowable Outage Times
Resource | Outage Impact | Allowable Outage Time
Authentication Server | User could not access Inventory System | 8 hours
Database Server | User could not access Inventory System | 8 hours
E-mail Server | User could not send e-mail | 2 days
5 Desktop Computers | User could not access Inventory System | 8 hours
Hub | User could not access Inventory System | 8 hours
Network Cabling | User could not access Inventory System | 8 hours
Electric Power | User could not access Inventory System | 8 hours
Printer | User could not produce Inventory Reports | 4 days
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Formulae for Comparing Risks
Asset Cost (A) | Likelihood of Threat Occurrence (B) | Vulnerability (C) | Measure of Risk (D = A+B+C) | Risk Ranking (E)
3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Control Selection
Which Control?
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Fire Damage
Automatic and manual fire alarms at
strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, headquarters of Nasdaq, is
across the street from WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Yellow line shows normal traffic
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Business Continuity Plan
The BCP focuses on sustaining
an organization’s business
functions during and after a
disruption
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Ranking of Objectives of DRP
Protection of organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
BCP Techniques
DRP Plan
Top down approach
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the systems may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production control, legal, audit, users,
telecommunication, network, system and application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource                            Recovery Priority
Authentication Server               High
Database Server                     High
5 Desktop Computers                 High
1 Hub                               High
E-mail Server                       Medium
Printer                             Medium
Remaining Desktop Computers (45)    Low
Remaining Hub (5)                   Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site           Cost          Hardware Equipment   Telecommunication   Setup Time   Location
Cold Site      Low           None                 None                Long         Fixed
Warm Site      Medium        Partial              Partial/Full        Medium       Fixed
Hot Site       Medium/High   Full                 Full                Short        Fixed
Mobile Site    High          Dependent            Dependent           Dependent    Not Fixed
Mirrored Site  High          Full                 Full                None         Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheath
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No.    Change Comment    Date of Change    Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GLB And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications requiring high fault tolerance,
e.g. accounting and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard disks, showing how the
files are duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Notice that as with RAID 3, the files are evenly spread between
three drives, with the fourth containing parity
information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
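The PARITY and RAID-5 slides above, worked through as an added example (not part of the original slides): block-level striping with distributed XOR parity on a four-disk, 16 kiB-stripe array, followed by the rebuild of one failed drive. The names Raid5, xor_blocks and usable_capacity are hypothetical, the parity rotation order is an assumed choice, and the disks are held in memory.

```python
import os
from functools import reduce

STRIPE_UNIT = 16 * 1024  # 16 KiB stripe size, as in the slide's four-disk illustration


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def usable_capacity(drive_sizes):
    """Array capacity from the slides: size of smallest drive * (no. of drives - 1)."""
    return min(drive_sizes) * (len(drive_sizes) - 1)


class Raid5:
    """Toy in-memory RAID-5 (hypothetical helper, assumed layout)."""

    def __init__(self, n_disks=4, unit=STRIPE_UNIT):
        if n_disks < 3:
            raise ValueError("RAID-5 needs a minimum of 3 hard disks")
        self.n, self.unit = n_disks, unit
        self.disks = [[] for _ in range(n_disks)]  # one list of blocks per disk
        self.length = 0

    def parity_disk(self, row):
        # Parity rotates from row to row, so no single disk holds all of it
        # (RAID-3 and RAID-4 use a dedicated parity disk instead).
        return (self.n - 1 - row) % self.n

    def write(self, data):
        """Replace the array contents with data, striped across all disks."""
        self.disks = [[] for _ in range(self.n)]
        self.length = len(data)
        per_row = self.unit * (self.n - 1)  # data bytes carried by one stripe row
        for row, off in enumerate(range(0, len(data), per_row)):
            chunk = data[off:off + per_row].ljust(per_row, b"\0")  # zero-pad last row
            units = [chunk[i:i + self.unit] for i in range(0, per_row, self.unit)]
            units.insert(self.parity_disk(row), xor_blocks(units))
            for disk, block in zip(self.disks, units):
                disk.append(block)

    def fail(self, idx):
        """Simulate losing one drive: every block on it is gone."""
        self.disks[idx] = None

    def rebuild(self, idx):
        """Recompute each lost block as the XOR of the surviving blocks in its row."""
        survivors = [d for i, d in enumerate(self.disks) if i != idx]
        if any(d is None for d in survivors):
            raise RuntimeError("RAID-5 cannot survive a second drive failure")
        self.disks[idx] = [xor_blocks(row) for row in zip(*survivors)]

    def read(self):
        if any(d is None for d in self.disks):
            raise RuntimeError("rebuild the failed disk before reading")
        out = bytearray()
        for row in range(len(self.disks[0])):
            p = self.parity_disk(row)
            for i, disk in enumerate(self.disks):
                if i != p:  # skip the parity block, keep data blocks in order
                    out += disk[row]
        return bytes(out[:self.length])


def demo():
    # Constructed sample input: four "files" with the sizes used in the illustration.
    sizes_kib = [4, 20, 100, 500]
    data = b"".join(os.urandom(k * 1024) for k in sizes_kib)
    array = Raid5(n_disks=4)
    array.write(data)
    rows = len(array.disks[0])  # 624 KiB of data / 48 KiB per stripe row
    array.fail(2)               # lose one drive
    array.rebuild(2)            # regenerate it from the other three
    return array.read() == data, rows


if __name__ == "__main__":
    print(demo())
```

A second failure before the rebuild completes is unrecoverable, which is why the slides rate RAID-5 fault tolerance as good and reserve very good for RAID-6.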
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID5 But not popular as
cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-6
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 6 array
using a 16 kiB stripe size. The red file is 4 kiB in size; the
blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disk depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular as cost high
Naresh Gandhi FCA, D.I.S.A. (ICAI)
MULTIPLE(NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or
RAID-5 for higher performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 0+1
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID 10
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Remote Journaling
Parallel processing of transactions to
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Database shadowing
Duplicating the database sites to
multiple servers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
Naresh Gandhi FCA, D.I.S.A. (ICAI)
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables application to operate even if one
of the servers is down
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Server Load Balancing
Load Balancing done by load balancers
Routers & switches with application
specific integrated circuits
Naresh Gandhi FCA, D.I.S.A. (ICAI)
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical application identified
All application reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up
facilities
Third party audit reports
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in
backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, tele nos. of recovery team
members
Transportation arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Procedure
Plan Documents …
Equipments and supports
Emergency team instructions for evacuations
and recovery
Tele Nos. of hardware, software supply vendors
Procedures to handle bombs or arson threats
Plan testing procedures
Network configuration diagram and documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and
understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over secured and under
secured activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Thanks...
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Slide 204
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Information
data files
user manuals etc.
Software
application and system software etc.
Services
communications
technical etc.
Company image and reputation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Examples of Asset
Documents
contracts
guidelines etc
Hardware
computer
magnetic media etc.
People
personnel
customers etc.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets
Physical
• People
• Hardware
• Facilities
• Documentation
• Supplies
Logical
• Data
• Information
• Software
• Documentation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Some Assets
physical assets
personnel assets
intellectual property
trade secrets
corporate information
financial information
market research
strategic planning
customer lists
vendor lists
contact lists
information systems
R & D information
communications
meetings
future directions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Assets Valuation
Would depend on
Business impact on loss of asset
Period of time for which asset is
unavailable
Valuation of the competitor
Value of information rather than
replacement of hardware
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Risk?
The potential that a given threat
will exploit vulnerabilities of an
asset or group of assets to cause
loss or damage to assets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Risks
Protection of asset should be on the
basis of their criticality
How long can I continue without my
asset
What is the loss to business if asset is
not there
Can I continue operations otherwise
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Outage Impact & Allowable Outage
Times
Resource                Outage Impact                                  Allowable Outage Time
Authentication Server   User could not access Inventory System         8 hours
Database Server         User could not access Inventory System         8 hours
E-mail Server           User could not send e-mail                     2 days
5 Desktop Computers     User could not access Inventory System         8 hours
Hub                     User could not access Inventory System         8 hours
Network Cabling         User could not access Inventory System         8 hours
Electric Power          User could not access Inventory System         8 hours
Printer                 User could not produce Inventory Reports       4 days
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Critical
Only automated
Low tolerance to interruption
High cost of interruption
Vital
Level of tolerance is high
Can be operated manually for limited period
Cost of interruption is low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
System Ranking
Sensitive
Can be performed manually for extended
time period
Additional resources required
Non Critical
Can remain inoperative
Data is not restored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Formulae for Comparing Risks
Columns: Asset Cost (A); Likelihood of Threat Occurrence (B); Vulnerability (C); Measure of Risk (D) = A+B+C; Risk Ranking (E)
Values (row and column alignment not preserved): 3 4 5 3 4 3 3 3 3 5 5 5 5 4 1 1 2 1 1 1 1
Risk Ranking (E): High, Moderate, Very High, Low, Very Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat
A declaration of the intent to inflict harm, pain
or misery
Potential to cause an unwanted incident,
which may result in harm to a system or
organization and its assets
Intentional or accidental, man-made or an
act of God
Assets are subject to many kinds of threats
which exploit vulnerabilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Types of Threat
Man made Threats
Errors
Sabotage
Bombs
Strikes
Terrorist Attack
Competitors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Man made Threats
Disgruntled employees
Ex-employees
Hackers
Cracker
Fire
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Natural Threats
Floods
Hurricanes
Tornadoes
Earth-quakes
Fire
Lightning
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Threats
Technological
Deliberate threats
Accidental threats
Threat frequency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Threat Likelihood
Low
Less likely to occur
Medium
some history of occurrence
High
Good possibility of occurrence
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Impact of Threat
Loss of money
Loss of reputation or goodwill
Opportunities missed
Litigation
Threat on personnel
Break-ins or Hacks
Lost confidence
Business interruption
Reduced efficiency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerability
A vulnerability is a weakness/hole in an
organization’s information security
A vulnerability in itself does not cause harm
It is merely a condition or set of conditions
that may allow a threat to affect an asset
A vulnerability if not managed, will allow a
threat to materialize
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Vulnerabilities
Absence of key personnel
Unstable power grid
Unprotected cabling lines
Lack of security awareness
Wrong allocation of password rights
Insufficient security training
No firewall installed
Unlocked door
Password same as userid
Poor choice of password
New technology
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
Controls are applied to
mitigate risk
bring to acceptable level
accept the risk
Controls should be cost effective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Which Control?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection
Risk
Degree of assurance required
Cost
Ease of Implementation
Servicing
Legal and regulatory requirements
Customer and other contractual requirements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control Selection - Cost
Budget limitations
Does the cost of applying the control
outweigh the value of the asset
May have to select Best Value range of
controls
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Ease of Implementation
Does environment support control
How long will the control take to
implement
Is the control readily available
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Control - Servicing
Are skills available to manage controls
Are upgrades readily available
Is equipment supported by local
engineers or suppliers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls
The policies, practices and organizational
structures designed to provide reasonable
assurance that business objectives will be
achieved and that undesired events will
be prevented or detected and corrected
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Power Outage Mitigation
Provide one hour of uninterrupted power on
all servers used internally
Provide eight hours of uninterrupted power on
all web servers and support hardware
Replace desktop systems with laptops where
possible
Alternate power supply
DG Set
UPS/voltage regulators
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Fire Damage
Automatic and manual fire alarms at strategic locations
Fire extinguishers at strategic locations
Halon or CO2 or water?
Automatic fire sprinkler system
Control panels
Automatic fire proof doors
Master switches both inside and outside IS
facility
Wiring in closets
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Water Damage
IS facility should not be on the ground
floor
Water proof ceilings, walls and floors
Drainage systems
Water alarms
Dry pipe sprinkler system
Cover hardware with protective fabric
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Controls of the Last Resort (Insurance)
IS equipment and facility
Media reconstruction (Software)
Extra expense
Business interruption
Valuable papers and Records
Errors and omissions
Fidelity coverage
Media transportation
Extra Equipment Coverage
Specialized Equipment Coverage
Civil Authority
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a contingency?
An event with a potential to disrupt
computer operations, critical missions
and business functions
Reasons:
Power outage
Hardware failure
Fire
Storms
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster?
A contingency event which is very
destructive
Disasters result from threats
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Disaster
Crisis Phase
Emergency Response Phase
Recovery Phase
Restoration Phase
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disasters
New York WTC collapse
Gujarat earthquake
Power Outage knocks out a data server
Sprinkler system leaks
Chemical spills from a tanker
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
1 Liberty Plaza, the headquarters of Nasdaq, is
across the street from the WTC
CIO Gregor Bailar provides an inside look at
how Nasdaq got back up and running after
the Sept. 11 tragedy
What was happening at 1 Liberty?
They began evacuating after the first plane hit.
Our security guards on their own accord
evacuated our floor at least, so most of our
people were on the ground when the second
plane hit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Halting the market wasn't a step you
could take lightly
"Yes, halt the market."
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
The first thing we had to understand was
our personnel situation
Then we broadened the investigation to
learn who was affected among our traders
Then we had to understand the situation
from a physical perspective
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Did we lose a building?
Did we lose a data center?
Did we lose connectivity?
What have we got in the way of physical
damage that's going to take a long time to
restore?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did the command center operate?
Next we needed to know the regulatory
situation:
Are people trading today?
What's the landscape of the trading
industry?
It was literally in that order
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
Nasdaq is highly redundant
We have servers in different buildings
Every single one of our traders is
connected to two different Nasdaq points
of presence or connection centers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
Some of your traders were in trouble, but
Nasdaq's systems were all up?
There are four connection centers alone in
downtown Manhattan
20 connection centers around the United States
Every single server connects to two of those
centers through two different paths, and often
through two different vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
How did you prepare for Monday?
We started industrywide testing on Saturday at
7 or 8 in the morning, and by 11:30 that
morning, we had achieved 98 percent of the
volume. And then on Sunday we did a half-day
of retesting with people who wanted to add a
little more volume capability.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What did Nasdaq lose over the downtime
and what did it cost to get back up?
We have interruption insurance, so we
hope to recover most of it, but it's in the
millions, and it could crest tens of millions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
What were the Disaster recovery lessons for
Nasdaq?
We learned that distributed systems are really
good. You have to think about how your
business has concentrated people or
operational centers in certain places. You've got
to consider if it's the wisest distribution. We feel
we were lucky having some folks in Connecticut
and some in Maryland. Even if we had lost
some of our senior management at 1 Liberty
Plaza, we would have still had a senior team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
This was a true test of people's backup
strategies
Did you ever test your backup strategy?
Have you worked out of your backup
center?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
Do you know how to get people there?
Do you know the critical phone numbers?
A lot of people don't have phone numbers
as part of their continuity of business plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
I think people will have to look very
carefully at their backup strategies and
see whether they can communicate with
everybody easily, whether the phone
numbers are not stored in that same
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Nasdaq Story 11 Sept, 01
After living through this, what would you
advise other CIOs to consider?
building that could experience the
Disaster, and whether they've got hot
backups
Hot backups are going to be much more
popular than they have been in the past
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Yellow line shows normal traffic
Naresh Gandhi FCA, D.I.S.A. (ICAI)
How did AT&T Control
141 video display screens show the status of
all the networks
Network managers put controls on the
network to slow down the flow of inbound
calls
Keep circuits available for outbound calling
As a result, the AT&T long distance network
carried a record 431 million call attempts on
Sept. 11, 101 million more than the previous
high-traffic day
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Business Continuity Plan
The BCP focuses on sustaining an
organization’s business functions
during and after a disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Plan
The DRP applies to major,
usually catastrophic, events that
deny access to the normal facility
for an extended period
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Business Recovery Plan
Addresses restoration of business
processes but lacks procedures
Continuity Of Operations Plan
Addresses restoring H.Q. level issues at
an alternate site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Plans
Crisis Communication Plan
A plan responsible for public communications
IT Contingency Plan
Plan for each major application
Occupant Emergency Plan
Response Procedures for Occupants
Test plan
Identifies deficiency in different Plans
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Cyber Incident Response Plan
The IRP defines strategies to
detect, respond to and limit
consequences of malicious cyber
incident
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
Serious disruption
Major disruption
Catastrophic disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Minor disruption
No damage or loss
Temporary power failure or fluctuation
Communication failure
Unavailability of non critical personnel
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Serious disruption
Repairable damage to equipment, office
area, data, records, software
Equipment breakdown
Failure of AC
Human error
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Major disruption
Destruction of equipment, office area,
data
Complete loss of equipment
Structural mishap
Malicious loss of data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Category of Disaster
Catastrophic Disaster
Total loss of office area, data or people
due to natural Disaster like fire, flood etc.
Complete destruction of personnel
Complete destruction of facilities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
What is a Disaster Recovery Plan?
A plan that provides vital pre planned
frame-work
for initiating recovery operations
provides guidance for damage assessment
planned actions to resume critical IS and
functional activities
restore full business operations
minimum delay and disruption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Coping with Emergencies
Idea of DRP is to think before actual
happenings:
How likely is the happening
What can be done on happening
What can be done to lessen their
likelihood
What can be done to prepare for these
events
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Key Issues
How to develop the plan
How to test the plan
How to maintain
How to keep continuity of operations
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
A total plan for all departments integrated
together
Must be written, tested and documented
Clear assignment of responsibilities to
employees
It should address
main frame computer
mini computer
micro computer
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP Overview
It should address...
networks
automated operations
semi automated operations
manual operation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Why Disaster Recovery Plan
To respond to Disasters of any type
To curtail revenue loss
To avoid loss of critical data
To maintain competitive edge
To maintain employee productivity
Naresh Gandhi FCA, D.I.S.A. (ICAI)
DRP - Phases
Identifying threats and vulnerabilities
Developing the contingency plan
Conducting tasks and drills
Updating and maintaining the plan
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Ranking of Objectives of DRP
Protection of the organization's employees
and public
Minimizing the financial impact
Limiting extent of damage
Reducing physical damage
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Planning Responsibilities
Prime responsibility for developing,
maintaining, executing contingency
plan is with senior management
Recommended approach to planning is
by teams
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
DRP Plan
Top down approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan
Top down approach - it involves
Senior management
Line management
IS management
System auditors
End user
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques - DRP Plan Steps
Conduct impact analysis
Plan design
Plan development
Plan Implementation
Plan testing
Plan Maintenance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Ongoing maintenance
Combination of top down and bottom up
approach
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Why do we require plan?
Responsibility to
shareholders
customers
suppliers
employees
legal
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in a planning
process?
Technical aspects
Back-up employees
Functional user operations
Selection of DRP team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Application System
Prioritization
Critical application systems
Prioritize item
Conduct impact analysis
Prioritization to be based on
importance to the organization and not
to individual
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
What can go wrong in system
prioritization?
Majority of the system may not be
critical
Most business users claim their systems
qualify as critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee
Responsible for developing DRP
Knowledgeable members
Specific assignments
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning Committee Members
Knowledgeable members
Project leaders
Well versed with IS requirements
From security, fire, operations, production
control, legal, audit, users,
telecommunication, network, system and
application programming
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Recovery Capability Assessment
Current security
Disaster recovery capabilities
Weaknesses
Analysis
Recommend prioritized actions
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan Development Alternatives
In-house
Ready made software package
Hire consultants
Combination of the above
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Hardware
System software
Personnel
Telecommunications
Backup data file
Vendor support availability
Security
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Plan requirement analysis
Office equipment
Logistics
Storage
Funding
Purchase orders
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Purpose and scope
Testing and Recovery procedures
Vendors with address and tele nos.
Location of contingency plan
Procedure for post recovery
Emergency recovery team members with
responsibility
Phone list for fire, police, hardware, software,
major suppliers and customers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Techniques
Planning document contents
Contact person with address at backup location
Description and configuration of hardware and
software
Backup contractual agreements
Application system job priorities
Logistics
Insurance carrier phone nos.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Identifying the critical functions
Identifying the resources supporting critical
functions
Anticipating potential contingencies or
Disasters
Selecting contingency planning strategy
Emergency response
Recovery
Resumption
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Contingency Planning Process - Steps
Implementing the contingency strategy
Implementation
Documenting
Training
Testing and revising the strategy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Disaster Recovery Teams
Emergency action team
Disaster assessment team
Recovery management team
Public Relations team
Off-site storage team
Software team
Application team
Security team
Communication team
Transportation team
Facilities team
Administration team
Operation team
Procurement team
Salvage team
Staff Coordination team
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Recognize an emergency
Contact the proper authority
Specific nature of the emergency
Time of the emergency
Location of the emergency
Extent of damage or status of the emergency
Danger or injuries to people
Cause of the emergency
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate the plan
Gather the response team
Brief the response team
Activate emergency command center
Communications equipment
Personal protective equipment (First Aid Kits)
Records and information needed to respond
Reference manuals, including maps
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activating the Plan
Activate emergency command center
Emergency communication directory
Back-up power supply, including fuel
Office supplies, including computers with internet
access
AM/FM radios, cable television
Food, water, and other personal supplies to last
several days
Message boards, overhead projectors and other
presentation materials and equipment
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Maintain communication
Initiate recovery activities
Assemble a damage assessment team
Gather initial damage estimates
Facility structural damage
Damage to products, materials, or supplies,
including records and information
Damage to vehicles or equipment
Damage to property
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Gather initial damage estimates
Personal injuries
Costs to recover (materials and supplies)
Costs to recover (repairs and
maintenance)
Costs to recover (labor)
Loss of revenue
Compile information into a report
Initial Damage Assessment Report
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Initial Damage Assessment Report
Facility Damaged:
Location:
(Attach map with clearly marked location and travel route to site, If needed)
Describe Damage or Injuries:
List Work Needed to Repair Sites:
List Work that has been completed:
(Attach activity report if any work has been completed)
Estimated Cost:
(Develop a detailed breakdown of personnel, equipment, and materials for complete damage assessment; include estimate of any loss of revenue)
Notes/Comments:
Damage Report Completed By:
Dated:
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Train the damage assessment team
Initiate security activities
Issuing identification badges to employees and
other authorized personnel
Locking doors if personnel cannot monitor the
facility during an emergency
Installing signs designating secured or restricted
area
Placing a sign-in sheet at the command center
and logging time in/out
Creating a list of authorized personnel and
monitoring it
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Activation of the Plan
Initiate security activities
Ensuring that personnel know who is authorized to make
decisions
Maintaining supplies to board up windows quickly
Securing cash operations immediately
Asking for police assistance
Asking a neighbor to help monitor security
Notify recovery site
Notify impacted staff
File insurance claims
Primary site procedures
Return to normal operations
Post recovery analysis
Activate Contingency Arrangements
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Develop Recovery Priorities
Resource | Recovery Priority
Authentication Server | High
Database Server | High
5 Desktop Computers | High
1 Hub | High
E-mail Server | Medium
Printer | Medium
Remaining Desktop Computers (45) | Low
Remaining Hub (5) | Low
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternative
Centralized Systems
Hot Site
Warm Site
Cold Site
Mobile Site
Mirrored Site
Duplicate Information Processing Facility
Reciprocal Agreement
Commercial Service Bureaux
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Hot Site
Fully configured
Ready for operations
Intended for emergency operations
Use for limited time operations
Most expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Warm Site
Partially configured
Without CPU
Less expensive than hot site
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Cold Site
Only basic environment
Activation takes several weeks
Least expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mobile Site
Empty shell facilities
Transportable
Available on lease through vendors
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Mirrored Site
Fully redundant
Real time information mirroring
Identical to primary site
Most expensive to maintain
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Duplicate Information Processing
Facilities
Dedicated self developed recovery sites
Backup of critical applications
Site chosen to be away from primary site
Resource availability to be assured
Regular testing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Recovery Alternatives
Reciprocal agreements
agreements between organizations with
similar equipment or applications
low cost
configuration compatibility
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Service Bureaus/ASPs
Emergency processing services
Application specific
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Alternate Site Selection Criteria
Site | Cost | Hardware Equipment | Telecommunication | Setup Time | Location
Cold Site | Low | None | None | Long | Fixed
Warm Site | Medium | Partial | Partial/Full | Medium | Fixed
Hot Site | Medium/High | Full | Full | Short | Fixed
Mobile Site | High | Dependent | Dependent | Dependent | Not Fixed
Mirrored Site | High | Full | Full | None | Fixed
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Redundancy
Surplus capacity created for extra load/failure
Alternative Routing
Routing by means of alternate medium
Diverse Routing
Split or duplicate cable sheet
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Telecommunication Network
Backup
Last mile circuit protection
Local communication loops
Long haul network diversity
T1 circuits between network carriers for
automatic re-routing in case of failures
Voice Recovery
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Data Recovery Plan
Critical
Vital
Sensitive
Non Critical
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Techniques
Full Backup
Incremental Backup
Differential Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Floppy Diskettes
Compact Disk
Replication
Internet Backup
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Methods
Removable Cartridges
Tape Drives
Networked Disk
Remote Mirroring
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Where will media be stored?
What data should be backed up?
How frequent are backups conducted?
How quickly the backups are retrieved in the
event of an emergency?
Who is authorized to retrieve the media?
How long will it take to retrieve the media?
Where will the media be delivered?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Answer the following
Who will restore the data from the media?
What is the tape-labeling scheme?
How long will the backup media be retained?
When the media are stored onsite, what
environmental controls are provided to
preserve the media?
What types of tape readers are used at the
alternate site?
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
It should contain
Backup of tapes, disks, master and transaction
files
Backup copies of current application software
Up-to-date copy of contingency plan
Up-to-date operation manuals, system and
program documentation
Each facility must have backup media library
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Media Library
Should be at some distance from main
facility
Subject to physical and environmental
control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
What can go wrong
May contain only magnetic or electronic
record not paper record
Access not available at all time
Critical data may not be stored
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Backup Procedures
Determining Backup Priorities
Postpone less urgent task
Identify in advance critical function
Eliminate or postpone non-urgent
portion of record keeping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Plan Testing
Scope
Time-frame
Teams
Objectives
Methodology
Conduct
Evaluation
Weaknesses
Improvement
Revision
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Phases of Testing
Pre test
Test
Post Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Type of Tests
Checklist test
Structured walk through test
Simulation test
Parallel test
Full interruption test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Result Analysis
Time
Amount
Count
Accuracy
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Test Examples
Contact every level of call tree successfully
within 1 hour
Restore critical system off-site within 48
hours
Evacuate building in 15 minutes
Contact key vendors within 1 hour
Fire drills carried selectively
Check jockey pump pressure
Notify participants in advance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Awareness and Training
Walkthrough Session
Scenario Workshop
Simulation of a Live Test
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Strategy as per changing need of the
business
New applications documented
Change in critical applications
Change in hardware or software
environment
Plan maintenance methods
Naresh Gandhi FCA, D.I.S.A. (ICAI)
BCP Maintenance
Schedule for periodic review and maintenance
Review of revisions
Conducting scheduled and unscheduled
tasks
Training recovery personnel
Maintaining rounds
Updating personnel changes
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Record of Change
Page No. | Change Comment | Date of Change | Signature
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Law And Standards
Naresh Gandhi FCA, D.I.S.A. (ICAI)
HIPAA
Documented practices for data
protection and continuity of operations
for health care industry
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GBL And The Expedited Funds
Availability Act
Standards for safeguarding security,
confidentiality of customer records
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Sarbanes-Oxley Act
An Act for protecting investors by
improving reliability of corporate
disclosures and internal control
Naresh Gandhi FCA, D.I.S.A. (ICAI)
GASSP
Principles supporting the Generally
Accepted Accounting Principles and
similar models
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Information Technology
Infrastructure Library
A collection of best practices in IT
service management
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel Committee On e-Banking
Principles for effective capacity,
business continuity and contingency
planning of e-banking systems and
services
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Basel II Capital Accord
Encourage financial firms to be more
proactive and forward looking in
financial activities
Naresh Gandhi FCA, D.I.S.A. (ICAI)
SAS 70
Internationally recognized auditing
standard for service organization
Naresh Gandhi FCA, D.I.S.A. (ICAI)
COBIT
A framework resulting in control
objectives considered to be good or
best practices
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Networked Systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies
Eliminating single points of failure
Redundant Cabling and Devices
Remote Access
Wireless LANs
Naresh Gandhi FCA, D.I.S.A. (ICAI)
Strategies For Fault Tolerant
Implementation
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
A system which uses multiple hard drives
to share or replicate data among the drives
A system that combines multiple hard
drives into a single logical unit
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
BENEFITS
Higher data security
Fault tolerance
Improved availability
Increased, Integrated capacity
Improved performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Data redundancy techniques
Mirroring
Parity
Striping
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Data in the system is written
simultaneously to two hard disks
instead of one
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
MIRRORING
Advantages
Data redundancy
Fast recovery
Disadvantages
Expensive
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Duplexing
Data in the system is written
simultaneously to two hard disks with
separate controllers
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
Disk Duplexing
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
A data element is broken into multiple
pieces at bytes level or in blocks
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
STRIPING
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID
PARITY
It involves the use of parity information, which is
redundancy information calculated from the
actual data values
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-0
Technique: striping without parity
Files broken into stripes
No redundancy
Storage efficiency: 100% if drives identical
Minimum of 2 hard disk required
Fault tolerance none
Cost lowest of all RAID levels
Recommended uses non critical data
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-0
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, 16 kiB stripe size
RAID 0 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-1
Technique: mirroring
Exactly 2 hard disks
Fault tolerance very good
Storage efficiency: 50% if drives identical
Cost Relatively high
Recommended uses: for applications
requiring high fault tolerance, e.g. accounting
and other financial data.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-1
Illustration of a pair of mirrored hard
disks, showing how the files are
duplicated on both drives.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-2
Technique used Bit level striping with ECC
Hard disk requirements-10 data disks & 4 ECC disks
Random read performance: Fair
Random write performance: Poor
Fault tolerance only fair
Cost very expensive
Recommended use- not used in modern systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-3
Technique: Byte level striping with dedicated parity
Minimum 3 hard disks
Random read performance: Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-1)
Fault tolerance good
Cost: Moderate
Recommended uses: Applications working with large files
that require high transfer performance
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-3
This illustration shows how files of different sizes are
distributed between the drives on a four-disk, byte-striped
RAID 3 array. The red file is 4 kiB in size; the blue is 20 kiB;
the green is 100 kiB; and the magenta is 500 kiB.
Notice that the files are evenly spread between
three drives, with the fourth containing parity
information (shown in dark gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-4
Technique used: Block level striping with
dedicated parity
Random read performance: Good
Random write performance: Fair
Array Capacity: Size of smallest drive*(no. of
drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: Not commonly used
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-4
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 4 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB. Notice that, as with RAID 3, the files are evenly
spread between three drives, with the fourth containing
parity information (shown in gray).
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-5
Technique used: Block level striping with distributed parity
One of the most popular RAID levels
Random read performance: Very Good
Random write performance: Only Fair
Array Capacity: Size of smallest drive*(no. of drives-1)
Minimum 3 hard disks
Fault tolerance good
Cost: Moderate
Recommended uses: ERP, relational database
applications & other business systems
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID-5
This illustration shows how files of different sizes are
distributed between the drives on a four-disk RAID 5 array
using a 16 kiB stripe size. The red file is 4 kiB in size;
the blue is 20 kiB; the green is 100 kiB; and the magenta
is 500 kiB.
Naresh Gandhi FCA, D.I.S.A. (ICAI)
RAID LEVELS
RAID-6
Technique used: Block level striping with dual distributed
parity
Minimum 4 hard disks
Random read performance: Very Good
Random write performance: Poor
Array Capacity: Size of smallest drive*(no. of drives-2)
Fault tolerance very good
Cost: High
Specialized controller
Recommended uses: Same as RAID-5, but not popular because of high cost
RAID-6
This illustration shows how files of different sizes are distributed between the drives on a four-disk RAID 6 array using a 16 kiB stripe size. The red file is 4 kiB in size; the blue is 20 kiB; the green is 100 kiB; and the magenta is 500 kiB.
RAID LEVELS
RAID-7
Proprietary product of Storage Computer Corporation
Hard disks: Depends
Random read performance: Very Good
Random write performance: Very Good
Array Capacity: Depends
Fault tolerance very good
Cost: Very High
Specialized controller
Recommended uses: Not popular because of high cost
MULTIPLE (NESTED) RAID LEVELS
RAID-0+1 & RAID-10
Technique used: Mirroring & Striping without parity
Most popular of the multiple RAID Levels
Minimum 4 Hard disks
Availability very good for RAID-01, excellent for RAID-10
Random read performance: very good
Random write performance: good
Fault tolerance very good
Cost: High
Recommended uses: Often used in place of RAID-1 or RAID-5 for higher performance
RAID 0+1
RAID 10
Strategies for Data communications
Dial up
Circuit Extension
On demand service from the carriers
Diversification of services
Microwave communications
VSAT
Strategies for Voice communications
Cellular phone backup
Carrier call rerouting systems
Backup PBX systems
Electronic vaulting
Electronic vaulting is the ability to store
and retrieve backup electronically in a site
remote from the primary computer centre
Remote Journaling
Parallel processing of transactions to
an alternate site
Database shadowing
Duplicating the database sites to multiple servers
Back up strategies
Dual Recording
Dumping
Logging Input Transactions
Logging Before-images
Logging After-images
NETWORK ATTACHED STORAGE
A class of systems that provide file
services to host computers
Dedicated storage solution that is
attached to a network topology
STORAGE AREA NETWORK
A network of storage disks
It connects multiple computers to a
centralized pool of disk storage
Fibre Channel Technology
STORAGE AREA NETWORK
Advantages
Centralization of storage
Storage & server resources grow
independently
Data transfer directly from device to
device
Server Load Balancing
It consists of distributing user activity
across a network so that no single server
is overloaded
Enables the application to operate even if one
of the servers is down
Server Load Balancing
Load balancing is done by load balancers
Routers & switches with application-specific integrated circuits
IS Audit Technique
Role of Auditor
Observer
Reviewer
Reporter
Review of BCP
Current copy of BCP
Evaluation of documented procedures
Critical applications identified
All applications reviewed
Support of critical applications
Review of BCP personnel, vendors, hot
site contents, back-up contents
Review of BCP
Interview key members
Evaluation of emergency procedures
Written procedures of recovery teams
Audit Procedure
Interview personnel and reading documents
Risk analysis documents
Disaster recovery requirement documents
Disaster recovery training documents
Disaster recovery plan testing documents
Disaster recovery plan maintenance procedures
Alternative processing contracts with back-up facilities
Third party audit reports
Audit Procedure
Risk analysis
Critical application identifications
Classification of critical data
Minimum hardware configuration
Existing file backup procedures
Record retention and rotation schedules
Audit Procedure
Off-site storage facilities
Commercial
Private
Verify financial background and reputation
Visit the facility
Assess the storage standards
Method of separation of media
Mode of transportation of media
Audit Procedure
Off-site storage facilities ...
Review flow of media in and out
Visitors access
Terms and conditions of vendors
Confidentiality of data
Periodic inventory of media
Other physical and environmental controls
Audit Procedure
Plan Documents
No. of subscribers and capacity of computer in backup facility
Fee structure of vendor
Off-site media storage facility
Liability of vendors for loss or damage at off-site
Names, addresses, telephone nos. of recovery team members
Transportation arrangements
Audit Procedure
Plan Documents …
Equipment and support
Emergency team instructions for evacuation and recovery
Telephone nos. of hardware, software supply vendors
Procedures to handle bomb or arson threats
Plan testing procedures
Network configuration diagram and documentation
Audit Objectives
Adequacy of risk analysis
Adequacy of off-site storage facilities
DRP document is complete, clear and understandable
Adequacy of management preparedness
Adequacy of plan maintenance procedures
Audit Objectives
Identify problems, concerns
Make cost effective recommendations
Identify over-secured and under-secured activities
Thanks...